Fake error popups are spreading malware fast

Cybercriminals use ErrTraffic tool to automate malware distribution through fake browser error messages, with attacks ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...
Unite.AI

The Secretless Imperative: Why Traditional Security Models Break When AI Agents Touch Code

In April 2023, Samsung discovered its engineers had leaked sensitive information to ChatGPT. But that was accidental. Now imagine if those code repositories had contained deliberately planted ...
Opinion

IBM's AI agent Bob easily duped to run malware, researchers show

That's apparently the case with Bob. IBM's documentation, the PromptArmor Threat Intelligence Team explained in a writeup provided to The Register, includes a warning that setting high-risk commands ...

NC judges rule against Gov. Josh Stein on power to fill vacancies on top courts

In a dissenting opinion, one judge argued that the bill reduces the governor’s choice to “selecting the least objectionable ...
The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...

Prices for an old Star Wars game have ballooned because of its role in a PS5 jailbreak

Star Wars Racer Revenge is listed on eBay for hundreds of dollars more than its original price because of its use in a new ...

Apache Commons Text: Code injection vulnerability in older versions

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of malicious code.
The Hacker News

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

A critical flaw in legacy D-Link DSL routers lets unauthenticated attackers run commands and hijack DNS, with active ...

39C3: Security researcher hijacks AI coding assistants with prompt injection

At 39C3, Johann Rehberger showed how easily AI coding assistants can be hijacked. Many vulnerabilities have been fixed, but ...
AllAfrica on MSN

Kenya On Alert After WHO Flagged Fake Kidney Transplant Injection in Rwanda

The Pharmacy and Poisons Board (PPB) has issued a public alert warning of falsified SIMULECT (basiliximab), a medication ...