The Hacker News

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

Microsoft uncovered 150+ AI-assisted cryptojacking domains using fake software downloads to deploy persistent malware.

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

Sonatype Firewall Extends Malicious Package Protection to Any Repository

Sophisticated attackers have moved beyond typosquatting: In 91% of cases, sophisticated naming variants such as prefix-addition, version mimicry, and embedding, are used to infiltrate developer ...
Geeky Gadgets

How Deno’s New Firewall Stops AI Agents from Leaking Passwords

Deno has officially open-sourced Claw Patrol, a firewall designed to enhance the security of AI agents interacting with external systems. This framework addresses key challenges such as credential ...
Opinion
The Hacker NewsOpinion

You Can't Patch Your Way Out of This One

Claude Mythos found thousands of vulnerabilities, exposing patching limits as AI-driven exploit discovery accelerates cyber risk.
InfoWorld

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...

New CIFSwitch Linux flaw gives root on multiple distributions

A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the kernel's key request ...
Morning Overview on MSN

Palo Alto Networks is finally pushing the last round of patches for a wide-open root zero-day today — the firewalls sat wide open for almost three weeks across the upd…

Palo Alto Networks is shipping the final round of patches for CVE-2026-0300 today, closing a pre-authentication remote code ...