The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...

X Makes Recommendation Algorithm Public in Rare Transparency Shift

Social media company X has taken an uncommon step in an industry known for secrecy by publicly releasing the source code ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners on developer systems.
eWeek

Emergent Launches Vibe Coding Platform After $23M Raise

The firm is explicitly targeting small business owners, aspiring founders, and creators who may not have access to ...

AI framework flaws put enterprise clouds at risk of takeover

Two "easy-to-exploit" vulnerabilities in the popular open-source AI framework Chainlit put major enterprises' cloud ...

As if LinkedIn messages couldn't get any worse, hackers are using them to install malware on people's PCs

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...
CSO Online

CrashFix attack hijacks browser failures to deliver ModelRAT malware via fake Chrome extension

A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...
eWeek

1X Neo Binge-Watches YouTube to Learn Your Chores

Who knew binge-watching YouTube could count as robotics R&D? 1X has plugged a 14-billion-parameter 1X World Model (1XWM) into ...

Dam Secure raises $6.1 million to tackle AI code security risks

Dam Secure has raised $6.1 million to help enterprises catch security flaws in AI-generated code before it reaches production ...

Quesma Releases OTelBench: Independent Benchmark Reveals Frontier LLMs Struggle with Real-World SRE Tasks

Quesma, Inc. announced the release of OTelBench, the first comprehensive benchmark for evaluating LLMs on OpenTelemetry ...
Decrypt

Elon Musk’s X Open-Sources Grok-Powered Algorithm Driving 'For You' Feed

The social media platform has taken a step towards transparency amid ongoing battles over platform spam and non-consensual AI ...
SecurityWeek

Chainlit Vulnerabilities May Leak Sensitive Information

Vulnerabilities in Chainlit could be exploited without user interaction to exfiltrate environment variables, credentials, ...