Macworld

Hackers have a new way to disable Mac security software

Researchers at XM Cyber have discovered a method to attack a Mac without requiring a kernel exploit or bypassing macOS’s ...
Decrypt

This AI Agent Survived 6,000 Hack Attempts—Here’s How

Developer Fernando Irarrázaval's AI agent experiment drew over 6,000 hack attempts from more than 2,000 attackers. No one ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
The Hacker News

Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability

Island found dormant JavaScript injection paths in Adblock for YouTube, a Chrome extension with 10M+ installs, raising ...
Graham Cluley

Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed

What if your AI coding assistant could be tricked into stealing your own company’s secrets – by reading a single ...
SecurityWeek

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

A vulnerability in the Claude extension for Chrome could allow attackers to take over the AI agent and abuse it for information theft, cybersecurity firm LayerX reports. The flaw, dubbed ClaudeBleed, ...
Seeking Alpha

Fastly, along with Akamai and Cloudflare, tumbles after Anthropic launches Managed Agents

Fastly (FSLY), along with its competitors Akamai (AKAM) and Cloudflare (NET), tumbled during Friday trading after Anthropic (ANTHRO) launched its Claude Managed Agents. Fastly had plunged 18%, Akamai ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored package versions. Malicious versions of the highly popular Axios NPM ...
LinkedIn

Anthropic's Claude Code Source Leak: What Happened, What It Means, and How Developers Are Reacting

Claude Code-- This is not the Claude AI model itself. It is a separate software tool (a "command-line interface" or CLI) that developers install on their computers to interact with Claude from their ...
InfoQ

Are We Ready for the Next Cyber Security Crisis Like Log4shell?

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Birgitta Böckeler, Distinguished Engineer at ...
InfoQ

Astro Announces Version 6 Beta with Redesigned Development Server and First-Class Cloudflare Workers

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Spencer Judge discusses the architectural ...
theregister

Stealthy browser extensions waited years before infecting 4.3M Chrome, Edge users with backdoors and spyware

A seven-year malicious browser extension campaign infected 4.3 million Google Chrome and Microsoft Edge users with malware, including backdoors and spyware sending people's data to servers in China.