The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google's Threat Intelligence Group detected and thwarted this sophisticated plot, ...

Grow Bigger Veggies Than Ever With This Ancient Plant Pot Watering Hack

If you're looking to improve your garden watering setup, look to this ancient hack that uses a terracotta plant pot, some ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Hackaday

Spy Tech: The GPS Numbers Station

We’ve talked before about number stations — mysterious shortwave transmitters repeating numbers, presumably for clandestine ...
Dark Reading

Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...
SecurityWeek

Chinese Cybercrime Group in Spotlight for Record Campaign Pace

The Chinese-speaking cybercrime group TA4922 has been escalating its malicious activities, expanding to Europe and Africa.

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
MIT Technology Review

The Meta hack shows there’s more to AI security than Mythos

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish ...

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...

Scientists Find Way to Supercharge Dangerous Computer ‘Worms’ With A.I.

Researchers at the University of Toronto showed how hackers could use artificial intelligence to create a program that could ...