The Hacker News

Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability

Island found dormant JavaScript injection paths in Adblock for YouTube, a Chrome extension with 10M+ installs, raising ...
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
InfoQ

Grab Builds Secure Agentic AI Workload Platform

Grab's security team built Palana, a Kubernetes-native secure execution platform, to run autonomous AI agents safely. Unlike ...
Machine Design

The Coming Shift: Why Industry 5.0 Will Be Driven by AI in Mechanical

The next wave of robotics depends on unifying code and hardware—embedding AI directly into the deterministic systems that ...
Windows Report

Microsoft Patches AutoGen Studio Bug Chain That Allowed Arbitrary Command Execution

Microsoft has disclosed and fixed a vulnerability chain dubbed AutoJack that could have allowed AI agents to execute arbitrary commands on a developer’s machine after visiting a malicious webpage. The ...
Tech Times

Fault-Tolerant Quantum Simulation Overhead Falls 250×: QuEra Architecture Needs Just 1,500 Qubits

Fault-tolerant quantum simulation just got 250 times cheaper to run. QuEra Computing and Los Alamos published an architecture ...
Tech Times

Autonomous AI Coding Clears 60,000-Line Ceiling: MirrorCode Benchmark Released

AI coding benchmark MirrorCode published its full results June 26, showing Claude Opus 4.7 autonomously rebuilt a 60,000-line interpreter and scored 56% overall — completing tasks that take human ...
Latest Hacking News

What Is a Buffer Overflow? The Bug That Keeps Driving Critical CVEs

A buffer overflow happens when a program writes more data into a memory buffer than the buffer can hold. The extra bytes land in adjacent memory, corrupting whatever was there. If an attacker controls ...
SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...

CISA warns of max severity Ubiquiti flaws exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting flaws in Ubiquity ...
eWeek

Agentic AI Cheat Sheet: A Guide to AI Agents, Tools, and Risks

Agentic AI moves beyond chatbots into systems that plan, use tools, and act. Learn key terms, architectures, risks, ...