The Hacker NewsOpinion

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited ...
Computing

Criminals have already used AI to create a zero-day exploit

Researchers at Google say they have uncovered the first known case of hackers using AI to develop a zero-day cyber exploit.
Daily Mirror

Google says criminal hackers used A.I. to find a major software flaw

A criminal hacking group recently attempted to launch a widespread cyberattack that appeared to rely on artificial ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
cryptopolitan

Fake OpenAI repo hits 244K downloads, ships crypto wallet stealer

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...

Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...
PCQuest

A password wasn’t enough, 2FA wasn’t enough, then AI entered the attack

Google warns AI may be helping hackers turn zero-days into faster attacks. See why stolen passwords, admin tools, and patch ...
TweakTown

Google finds hackers using AI to discover and develop a zero-day exploit for the first time for mass attacks

Google has not identified which LLM was used to develop the zero-day exploit, but has confirmed that its own Gemini AI was ...
theregister

Google says criminals used AI-built zero-day in planned mass hack spree

Google says crooks already have AI cooking up zero-days, and claims one nearly escaped into the wild before the company stopped it. In a report shared with The Register ahead of publication on Monday, ...
CSO Online

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover ...
InfoWorld

Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...
Windows Report

Fake OpenAI Privacy Filter Repo on Hugging Face Spread Infostealer Malware

A malicious repository on Hugging Face impersonated OpenAI’s “Privacy Filter” project and briefly reached the platform’s top trending position before removal ...