The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...
TechCrunch

Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere

A security researcher said flaws in a carmaker’s online dealership portal exposed the private information and vehicle data of its customers, and could have allowed hackers to remotely break into any ...
Krebs on Security

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
CoinTelegraph

Bybit reveals security overhaul in response to $1.4B hack

Bybit unveiled a major security overhaul following its $1.4 billion hack in February, with upgrades across audits, wallet protection and information security. Bybit, the world’s second-largest ...
Reuters

Cyber defenders sound the alarm as F5 hack exposes broad risks

WASHINGTON, Oct 20 (Reuters) - A more than year-long digital intrusion into cybersecurity company F5 (FFIV.O), opens new tab, publicized last week and blamed on Chinese spies, has defenders across the ...
Business Wire

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

BURLINGTON, Mass.--(BUSINESS WIRE)--Veracode, a global leader in application risk management, today unveiled its 2025 GenAI Code Security Report, revealing critical security flaws in AI-generated code ...
Hosted on MSN

AI-written code now behind 20% of security breaches

Recent analysis indicates a growing concern in cybersecurity: one in five security breaches is now attributed to AI-written code. This marks a significant shift in the landscape of digital threats.
Hosted on MSN

Microsoft SharePoint hack: An active cybersecurity incident could impact tens of thousands of servers

On July 19, Microsoft alerted users that it was experiencing an active cyberattack on its SharePoint servers, which allow organizations to share and manage documents. According to The Washington Post, ...
Forbes

Google’s Hot New AI Coding Tool Was Hacked A Day After Launch

A security researcher discovered a nasty flaw in Google’s Antigravity tool, the latest example of companies rushing out AI tools vulnerable to hacking. Within 24 hours of Google releasing its ...
The Hacker News

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...
Dark Reading

LLMs' AI-Generated Code Remains Wildly Insecure

The code generated by large language models (LLMs) has improved some over time — with more modern LLMs producing code that has a greater chance of compiling — but at the same time, it's stagnating in ...