The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
SecurityWeek

VMware Aria Operations Vulnerability Could Allow Remote Code Execution

Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws.
Bleeping Computer

BeyondTrust warns of critical RCE flaw in remote support software

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...
Unite.AI

OpenClaw vs Claude Code: Remote Control Agents

Two tools that have recently landed, taken together, define what the next phase of AI agent competition looks like. On5, Anthropic released Remote Control for Claude Code — a feature that lets ...
TechRadar

BeyondTrust RCE flaw lets hackers run code without logging in

BeyondTrust warns of critical RCE flaw CVE-2026-1731 in RS and PRA Vulnerability allows unauthenticated OS command execution, risking compromise and data exfiltration Patch released February 2, 2026; ...
CSO Online

VMware fixes command injection flaw in Aria Operations

Two other flaws were patched by the virtualization vendor, impacting Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure as well.
Infosecurity-magazine.com

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

A single Google Calendar event can silently compromise a system running Claude Desktop Extensions, according to security researchers at browser security provider LayerX. In a new report published on ...