CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack

The US cybersecurity agency added the bug, tracked as CVE-2026-34197, to its Known Exploited Vulnerabilities (KEV) catalog on ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...