The Hacker News

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Gemini CLI CVSS 10.0 flaw in versions below 0.39.1 enabled RCE in CI workflows, forcing Google to mandate explicit workspace ...
SecurityWeek

SAP NPM Packages Targeted in Supply Chain Attack

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...
Bdaily

Five Common Vulnerabilities Found in Today's Mobile Apps

Most people install an app, grant it a few permissions, and never give its security another thought. But behind the… | ...
Nature

All life runs on 20 amino acids. These cells run key machinery on just 19

AI-guided redesign of protein alphabet in bacteria could unlock new ways to build synthetic organisms.
InfoWorld

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
WLRN

What to know about how the suspect in the killing of 2 USF students used ChatGPT

Prosecutors have revealed that a suspect in the deaths of USF students Zamil Limon and Nahida Bristy asked ChatGPT about body ...
Hosted on MSN

Cursor vulnerability raises risks for API key security

A severe vulnerability in the AI-powered development tool Cursor allows installed extensions to access locally stored API keys and session tokens without user action, according to LayerX researchers.