Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The Hacker News

Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks

Google links Turla to STOCKSTAY, a new .NET backdoor used in phishing attacks against Ukraine government and military targets ...
Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

OpenAI's new GPT-5.5-Cyber tops Claude Mythos 5 in vulnerability benchmark0 0

OpenAI is rolling out the full, limited-release version of GPT-5.5-Cyber—a specialized AI model that outperforms its ...
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Tom's Hardware on MSN

AI coding agents can be tricked into installing malware via 'clean' GitHub repositories

Three levels of indirection, all with seemingly innocuous steps, will catch a bot off-guard.

OpenAI expands Daybreak with Patch the Planet and full GPT-5.5-Cyber release

OpenAI Group PBC today expanded its Daybreak cybersecurity program with a new open-source patching initiative called Patch ...
winbuzzer.com

OpenAI Says GPT-5.5-Cyber Leads Claude Mythos, Expands Daybreak-Initiative

OpenAI is now turning its Daybreak initiative into a defensive cybersecurity program that combines Codex updates, the GPT-5.5-Cyber release and partner access for approved organizations. As OpenAI ...

Stealthy Mistic backdoor linked to ransomware access broker KongTuke

A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, ...

Buckle Up: The Bad Guys Now Have A Model As Powerful As Mythos

China now has an open-weight model that can find software vulnerabilities and create attacks for anybody to use.
Decrypt

This AI Agent Survived 6,000 Hack Attempts—Here’s How

Developer Fernando Irarrázaval's AI agent experiment drew over 6,000 hack attempts from more than 2,000 attackers. No one ...