The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
The Hacker News

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

Weekly roundup exploring how cyber threats, AI misuse, and digital deception are reshaping global security trends.

Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell ...

How do AI coding agents work? We look under the hood.

At the core of every AI coding agent is a technology called a large language model (LLM), which is a type of neural network ...
Interesting Engineering

China: Single voice command exposes humanoid robots to hijacking and cascading attacks

Chinese security tests show robots hacked in minutes via voice or wireless flaws, spreading attacks to other machines and ...

[Free] Using Python for Cyber Offense and Defense eBook (worth $30)

Offering downloadable sample code, the book is written to help you discover how to use Python in a wide variety of ...

Your AI browser can be hijacked by prompt injection, OpenAI just patched Atlas

OpenAI says it has patched ChatGPT Atlas after internal red teaming found new prompt injection attacks that can hijack AI ...

Malware bypassed macOS Gatekeeper by abusing Apple's notarization proccess

A new variant of the MacSync Stealer uses a code-signed Swift application to get around Apple's macOS Gatekeeper protections.