The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...
Bleeping Computer

GitHub investigates internal repositories breach claimed by TeamPCP

Update May 20, 04:17 EDT: GitHub has now confirmed the breach of ~3,800 internal repositories after an employee installed a malicious VS Code extension. GitHub is investigating a breach of its ...
GIGAZINE

73 Microsoft GitHub repositories have been disabled after being compromised by malware that stole credentials from AI users.

On June 5, 2026, 73 Microsoft GitHub repositories were disabled by GitHub's anti-fraud system. These repositories were found to be compromised by malware that stole authentication credentials when ...

‘I’m not bad, I’m just drawn that way’: Kathleen Turner’s best films – ranked!

As she nears her 72nd birthday, we honour the actor whose ‘smoked honey’ vocals added to her vampy persona on screen, whether bringing Jessica Rabbit to life or crushing Michael Douglas between her th ...
CoinJournal

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.
thearabianpost

Fake coding tests expose crypto developers

Software developers across close to 100 organisations have been targeted by a likely North Korea-linked hacking operation that used fake recruitment and code-review tasks to steal cryptocurrency, ...
GitHub

Powershell-RAT

Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment. This RAT will help someone during red team engagements to backdoor any Windows machines. It tracks the user activity ...