The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Grow Bigger Veggies Than Ever With This Ancient Plant Pot Watering Hack

If you're looking to improve your garden watering setup, look to this ancient hack that uses a terracotta plant pot, some ...
Hackaday

Revisiting Using AI Coding Assistants: You’re Holding It Wrong Edition

After scathing accusations of skimping on due diligence, as well as other feedback to my article on trying to use an ‘AI ...
Dark Reading

Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...

Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google's Threat Intelligence Group detected and thwarted this sophisticated plot, ...
SecurityWeek

Chinese Cybercrime Group in Spotlight for Record Campaign Pace

The Chinese-speaking cybercrime group TA4922 has been escalating its malicious activities, expanding to Europe and Africa.
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
MIT Technology Review

The Meta hack shows there’s more to AI security than Mythos

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish ...

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...
Hackaday

Three Arduinos Team Up To Make 80s-Style Computer

Back in the 80s, buying a home computer could easily mean an inflation-adjusted cost of thousands of dollars (or your equivalent currency unit of choice), and all for an 8-bit machine that might ...