WebMCP Can Be Used To Hijack AI Agents, Chrome Warns

Chrome's WebMCP guidance warns that AI agents can be manipulated through the tools they are built to trust.
techtimes

Xiaomi MiMo Code Claims to Beat Claude Code: Benchmark Scores Are Self-Reported

Xiaomi released MiMo Code V0.1.0 on June 10, 2026 — a terminal-native coding agent built on a fork of the open-source OpenCode project, bundled with free access to Xiaomi's own 1-trillion-parameter ...
The Hacker News

Malware | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS . "The Windows variants discovered are internally ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Cryptopolitan on MSN

IronWorm malware plants rootkit in Arweave ecosystem npm libraries

A malware named IronWorm spread through 36 npm packages in the Arweave ecosystem, stealing developer credentials and self ...

Heartstopper fans are rightly calling out ‘sickening’ response to new film trailer

There's far more to it than that.

Cloudflare acquires VoidZero, maker of the Vite JavaScript toolchain

Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript ...
The Hacker News

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...

The £5,000 British sex cruise setting sail — with tantra, lube and no single men

This spicy cruise sets sail today, but what does it involve? (Picture: Killing Kittens) Want to embrace your sexual side in ...
Hosted on MSN

WordPress malware uses Steam profile comments for command and control

Security researchers from GoDaddy found a cheeky new malware campaign that used comments made by Steam Community accounts as command-and-control (C2) infrastructure. Here is how the attack plays out: ...