Toggle light / dark theme

Get the latest international news and world events from around the world.

Log in for authorized contributors

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

The issues have been addressed in ColdFusion 2023 Update 21 and ColdFusion 2025 Update 10. Security researchers Anirudh Anand, Matan Sandori, and 2Bsecure have been credited with discovering and reporting CVE-2026–48283, CVE-2026–48313, and CVE-2026–48307.

Separately, Adobe has also shipped fixes to close out a critical flaw in Adobe Campaign Classic impacting versions ACC v7: 7.4.3 build 9,396 and earlier for Windows and Linux that could result in arbitrary code execution.

The vulnerability, tracked as CVE-2026–48286 (CVSS score: 10.0), is a case of incorrect authorization that could enable an attacker to execute arbitrary code on affected systems. It has been patched in version ACC v7: 7.4.3 build 9397.

Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor’s safety sandbox and run any command on a developer’s computer. There is no click to fall for and no approval box to ignore.

Cato AI Labs found the pair and named them DuneSlide. They are tracked as CVE-2026–50548 and CVE-2026–50549, both rated 9.8 out of 10 (or 9.3 under the newer CVSS 4.0 scale).

The fix is already out. Both bugs are patched in Cursor 3.0, released April 2, and every version before 3.0 is affected. Cursor’s maker says more than half the Fortune 500 use the tool, so if you run it, update now.

New ChocoPoC malware targets researchers via trojanized PoC exploits

Multiple weaponized proof-of-concept (PoC) exploits on GitHub were found delivering a Python-based remote access trojan (RAT) named ChocoPoC that can execute commands and steal sensitive data in a campaign believed to target cybersecurity researchers.

Hiding malware in PoC exploits for various vulnerabilities is not new, as there are examples of threat actors posing as real security researchers and taking advantage of trending vulnerabilities to target vulnerability and penetration testers or low-skilled hackers.

However, ChocoPoC stands out for not embedding the malware directly in the exploit file but for adding malicious Python packages to the PoC’s dependency list.

Consciousness likely not unique to earthlings, paper says

Does consciousness depend on flesh and blood?

The answer is almost certainly no, according to Eric Schwitzgebel, a distinguished professor of philosophy at the University of California, Riverside.

In a new working paper, Schwitzgebel and Jeremy Pober, a former UCR graduate student who is now a postdoctoral researcher at the University of Lisbon, assert that consciousness is likely possible in life forms made of much different stuff. Think of the five-limbed alien with a rock-like exterior in the recent blockbuster movie “Project Hail Mary.”

Why AI fiction still feels flat: New test shows characters lack mystery and complexity

Researchers at the University of North Carolina at Chapel Hill have found that while artificial intelligence can spin increasingly convincing stories, its characters may still lack one of the qualities that make human-written fiction memorable: mystery.

As AI writing tools become more common in publishing and entertainment, Carolina researchers wanted to understand whether the characters created by these systems are as varied and nuanced as those crafted by human authors. Their findings suggest that, despite advances in technology, AI still tends to rely on familiar patterns.

The study examined how characters in stories generated by AI compare with those written by people. Drawing on ideas from literary theory, the researchers analyzed eight different aspects of character portrayal, including whether characters seem realistic or exaggerated, whether they evolve over time, and whether they remain mysterious or fully understood by the end of a story.

AI-human relationships are real and come with risks, researchers find

Human-AI relationships are no longer confined to the domain of science fiction. As the technology has developed, AI chatbots have evolved from playing a role in search engines and image-generation tools into confidants, therapists and even romantic partners. It’s a radical evolution of human-AI interactions that brings with it new risks in how it is reshaping the way we think and talk about relationships, including with ourselves, finds new research published in the journal Nature Machine Intelligence.

Prolonged interaction with AI chatbots can lead people to develop an emotional dependence on the technology, potentially alienating them from human relationships, said Andreia Sofia Teixeira, an associate professor at Northeastern University London in the Network Science Institute who co-authored the recent work. As a growing number of lawsuits claim chatbots’ role in people’s deaths, the new research underscores how being caught in an echo chamber with a sycophantic tool can potentially spell disaster for the most vulnerable.

“The problem is less about AI performance and much more about the impact of these sustained interactions on ourselves … and how, over time, this may impact society at large,” Teixeira said.

RNA Folding Energy of Long-Range Genomic Interactions Regulates Discontinuous Transcription in SARS-CoV-2

Coronaviruses use discontinuous transcription to generate subgenomic RNAs (sgRNAs) that encode structural and accessory proteins. However, the factors regulating sgRNA abundance in SARS-CoV-2 remain unclear. Here, we combined strand-specific RNA sequencing, RNA–RNA interaction mapping, prediction of RNA folding energies, and targeted mutagenesis to define the regulation of (–) sgRNA synthesis in SARS-CoV-2 infection. We demonstrated that the relative (–) sgRNA abundance across viral genes is stable throughout infection and largely correlates with corresponding (+) sgmRNA levels. Through meta-analysis of published SPLASH data, we found that the frequency of long-range interactions between the 5′ genomic transcription regulatory sequence TRS-Leader and downstream TRS-Body sequences correlates with sgRNA abundance.

/* */