Hackers exploit TrueConf zero-day to push malicious software updates

Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute ...
InfoWorld

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...
SecurityWeek

CrewAI Vulnerabilities Expose Devices to Hacking

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Pueblo Chieftain

Hosted.com Examines Prompt Injection Threats Affecting Websites Using AI

Hosted.com examines the growing risk of prompt injection attacks to businesses using AI tools, including their potential impact, and ways to reduce exposure. Businesses rely on AI more than ever. When ...
TechCrunch

A suite of government hacking tools targeting iPhones is now being used by cybercriminals

Security researchers have identified a suite of powerful hacking tools capable of compromising iPhones running older software that they say has passed from a government customer into the hands of ...