The Hacker News

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

PCPJack steals credentials via 6 Python modules exploiting 5 CVEs, enabling cloud spread and fraud-driven attacks.
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face and ClawHub, the two largest repositories for AI models and agent skills, have been systematically compromised with hundreds of malicious entries that steal credentials, open backdoors, ...
The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...

Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents

With model devs pushing more aggressive rate limits, raising prices, or even abandoning subscriptions for usage-based pricing ...

Linux ‘Copy Fail’ flaw lets anyone hijack system privileges. Update ASAP

Copy Fail is a critical Linux vulnerability that lets any local user corrupt cached files and escalate to admin. Update your ...
Hackaday

Let Twitch Chat Control Your LED Strings

Once upon a time, someone set up a livestream wherein the messages from Twitch chat could control a game of Pokemon. Since ...
AMBCrypto

7 best all-in-one AI trading bot platforms in 2026 for crypto, forex, and stock trading

AI trading bots are no longer used only by professional quant teams. In 2026, traders are using automated tools to monitor ...
Elektroniknet

Developing Embedded Systems Using Generative AI

MathWorks has unveiled a new version of its software - Release 2026a - that integrates generative AI directly into ...