The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...

Why OpenAI's 'goblin' problem matters — and how you can release the goblins on your own

If OpenAI can accidentally train its flagship model to obsess over goblins, what other more subtle and potentially harmful ...

This Footage of a Puking Snake Is a Gross Reminder of Why Python Control Is So Important

Burmese pythons can also swallow much bigger prey, due to their ability to open their flexible jaws even wider than their bodies. This includes larger mammals — such as raccoons, bobcats, and even ...

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

There’s no rogue McDonald’s AI bot, but ‘prompt injection’ is still a risk for companies

People hacking branded AI bots can result in significant reputational, financial, and legal consequences. There appears to be ...

I built an AI poem generator. I wasn’t prepared for how people would use it

To put that theory into practice, I teamed up with my friend Jared Bauman, built an AI-powered poem generator, and released ...
Dark Reading

Bad Memories Still Haunt AI Agents

Anthropic fixed a significant vulnerability in Claude Code's handling of memories, but experts caution that memory files will ...
Security Boulevard

Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...