The Hacker News

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited flaws.
winbuzzer.com

OpenAI Details Codex Windows Sandbox Controls

OpenAI has published a technical explanation of its Windows sandbox for Codex, detailing a stricter local setup for the coding agent on developer PCs. Codex can still read broadly across a system, ...
How-To Geek on MSN

Don't pay for an AI coding assistant until you've tried running one locally

Your CPU can run a coding AI—here's why you shouldn't pay for one (as long as you have the patience for it).
Dark Reading

LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly

In the latest evolution of automated cyberattacks, 2 threat campaigns heavily leveraged AI agents to support attacks against ...

Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...
SecurityWeek

Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware

CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...
Dark Reading

Hackers Use AI for Exploit Development, Attack Automation

Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate ...

7 Days: JDownloader got hacked, Chrome downloading 4GB file, and Steam Controller sold out7 Days: JDownloader got hacked, Chrome downloading 4GB file, and Steam Controller sold ...

Our '7 Days' weekly tech roundup brings the juiciest announcements. Read about Edge browser handling passwords in plaintext, JDownloader getting hacked, and the TAB key.