MCP shipped without authentication. Clawdbot shows why that's a problem.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

You can now use GPT-5.2-Codex in more IDEs0 0

OpenAI's powerful GPT-5.2-Codex agentic model is now available in more IDEs through GitHub Copilot for multiple subscription ...
Security Boulevard

Clawdbot-Style Agentic Assistants: What Your SOC Should Monitor, Triage, and Contain

What SOC teams need to monitor, triage, and contain when clawdbot-like agentic AI assistants. Includes detection signals, triage questions, and a containment playbook. The post Clawdbot-Style Agentic ...
Le Lézard

Veracode Releases Platform Enhancements as Software Supply Chain Attacks Surge

Veracode, the global leader in application risk management, today announced significant platform innovations introduced through the second half of 2025. Headlining the release is Package Firewall, an ...
eWeek

World Models Just Got Their GPT-2 Moment — Here’s What That Means For You

New Odyssey and World Labs APIs turn text, images, and video into interactive simulations and explorable 3D worlds for gaming ...
MacStories

Podcast Rewind: Building Personalized Software, Steam Machine Pricing Rumors, Matt Podcasts Solo, and Ted Danson

Enjoy the latest episodes from MacStories’ family of podcasts: AppStories This week, Federico and John complete their tour of holiday projects with a look at the tools both of them built with the help ...
NoGarlicNoOnions

Technology Stack Used in Online Color Prediction Games

Online color prediction games have become a prominent category in digital entertainment, combining simple mechanics with ...