MIT Technology Review

The Meta hack shows there’s more to AI security than Mythos

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish ...

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...
Dark Reading

Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...

Security News This Week: Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow

Plus: A ransomware group is now stealing data in person, BusPatrol wants to hand its license plate surveillance data to the ...
Microsoft

Azure Resource Graph

"You should use Azure Resource Graph from now on, it is very fast and enables you to dig into resources in a brand new way." For the 2017 company-wide Hackathon ...

CrowdStrike and Google take down botnet used by hackers to target open source software developers

Cybercriminals used the Glassworm botnet to infect open source software projects with malware, and in turn hack the ...

This AI Startup’s Army Of 15,000 Hackers Pressure Test Claude, GPT-5 And Gemini

Gray Swan works with every major frontier AI lab. Now it’s raised $40 million as it expands to sell security tools to ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

‘TrapDoor’ malware targets crypto dev tools in supply chain attack

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.