The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...

10 signs that someone is monitoring or accessing your accounts - how to stop them

10 signs that someone is monitoring or accessing your accounts - how to stop them ...
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
CNET on MSN

Hackers Conned a Chatbot to Hijack 20,000 Instagram Accounts

Hackers Conned a Chatbot to Hijack 20,000 Instagram Accounts ...

Dashlane explains how attackers managed to download encrypted password vaults

Dashlane said that attackers mounted a coordinated hacking campaign against a large base of its users in an attempt to recover as many encrypted password vaults as possible. The password manager ...

Hackers found a way to make Meta’s AI hand over Instagram accounts

The exploit affected hundreds of accounts and raises new questions about what happens when companies automate account security. The Instagram account of the Obama White House has not been active for ...
MIT Technology Review

The Meta hack shows there’s more to AI security than Mythos

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish papers and blog posts detailing exploits such as indir ...
latesthackingnews.com

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

"Thought It Was a Security Alert Email"...Warning Issued Over Malicious MS Impersonation Emails

A cyberattack has been discovered in which emails impersonating Microsoft (MS) security alerts are being used to spread ...
Hosted on MSN

I built a Python utility using Claude to automate my image editing workflow, and it saves me hours every week

Before the rise of generative AI tools, fixing a batch of images would be messy business. It would mean bouncing between three browser tabs, logging into tools you had forgotten you had an account on, ...