The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
Windows Report

Hackers Could Exploit Exposed Google API Keys to Access Gemini AI

Over 2,800 exposed Google API keys may allow unauthorized Gemini AI access, risking data leaks and massive API charges.
IEEE

URL-Based Phishing Attacks Detection Using Machine Learning

Abstract: In this paper, we tackle the challenge of real-time detection of social engineering attacks, specifically focusing on phishing Uniform Resource Locator (URL) classification. We apply machine ...

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
GitHub

The AI Scientist: Towards Fully Automated

One of the grand challenges of artificial intelligence is developing agents capable of conducting scientific research and discovering new knowledge. While frontier models have already been used to aid ...