Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The Hacker News

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

Kaspersky says attackers are using fake WhatsApp document attachments to run VBScript malware and install ManageEngine RMM ...
The Free Press Journal

Hackers Exploit Meta AI Tool To Hijack Instagram Accounts, Including Obama's White House Page

Hackers exploited a flaw in Meta’s AI support chatbot to hijack Instagram accounts without needing passwords or original emails. By spoofing location and prompting the bot to add a new email, ...
Business Times

mm2 Asia H2 net loss widens to S$166.6 million amid fair-value losses

[SINGAPORE] Former Cathay Cineplexes operator mm2 Asia posted a net loss of S$166.6 million for its second half ended Mar 31, widening from a net loss of S$101.3 million in the year-ago period. In ...
abc7NY

Knicks flip script, exploit James Harden to spark Game 1 rally

NEW YORK -- It wasn't quite a matter of pettiness, but the Knicks found their idea for an improbable comeback thanks to the Cavaliers trying to exploit Jalen Brunson on defense. Trailing by 22 points ...
Forbes

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Microsoft confirms Exchange zero-day, CISA warns it's under active exploitation. Updated May ...
CoinTelegraph

THORChain pauses trading after suspected $10M exploit

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base. Decentralized liquidity protocol THORChain halted trading after ...
Ars Technica

Zero-day exploit completely defeats default Windows 11 BitLocker protections

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain complete access to an encrypted drive within seconds.
TechRepublic

Google Says Hackers Used AI to Build Zero-Day Exploit

Google says hackers used AI to help build a zero-day exploit targeting 2FA, raising concerns about AI-assisted hacking. Google says hackers used AI to help build a zero-day exploit, then stopped it ...
Bleeping Computer

Google: Hackers used AI to develop zero-day exploit for web admin tool

Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. The exploit could be leveraged ...
CSOonline

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover high-level logic flaws. The Google Threat Intelligence Group (GTIG) today released ...
CSOonline

‘Trivial’ exploit can give attackers root access to Linux kernel

Experts say until the distros release patches, CSOs have to beware of unauthorized privilege escalation; Kubernetes container escape is also a risk. CSOs must ensure their Linux-based systems block ...