Live Bitcoin News

The npm Package That Wipes Your Files When You Try to Stop It

An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a ...
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
Security Boulevard

How to Connect Custom AI Agents with Slack

Whether you want simple fire-and-forget alerts or full two-way control, here's how to securely wire your AI agent into Slack.
Tech Wire Asia

Google says hackers are using AI to find zero-days and build malware

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...

Fake OpenAI repository on Hugging Face pushes infostealer malware

A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...
Decrypt

You Installed Hermes. Now Make It Look Better Than ChatGPT or Claude

The terminal is fine. But if you actually want to live in your Hermes agent, here are the four best GUIs the community has ...
Dark Reading

After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets

PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud ...
Security Boulevard

Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...