CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.
InfoWorld

Visual Studio Code 1.115 introduces VS Code Agents app

Preview of new companion app allows developers to run multiple agent sessions in parallel across multiple repos and iterate ...

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
MUO on MSN

I finally set up a local coding assistant that works inside my editor — this stack is gold

Local AI > browser tabs. Not even close.