Cursor-Opus agent snuffs out startup’s production database

According to Crane, the Cursor agent encountered a credential mismatch in the PocketOS staging environment and decided to fix the problem by deleting a Railway volume – the storage space where the ...
Security Boulevard

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...
Cryptopolitan

North Korea’s Lazarus Group targets crypto, high-value execs with ‘Mach-O Man’ macOS malware kit

North Korea's Lazarus Group has launched advanced malware targeting macOS devices. Mach-O Man, as it is called, is designed ...
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
Visual Studio Magazine

Using Data API Builder to Speed Up Application Development

Microsoft's Data API Builder is designed to help developers expose database objects through REST and GraphQL without building a full data access layer from scratch. In this Q&A, Steve Jones previews ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal ...
The Financial Express

‘AI Agent just destroyed our production data and confessed in writing’, founder rings alarm bells

PocketOS founder Jer Crane revealed that an AI agent powered by Anthropic’s Claude Opus 4.6 wiped out his company’s ...

New GoGra malware for Linux uses Microsoft Graph API for comms

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy ...