Cybernews

Popular AI coding tool Blackbox AI, with 5M downloads, grants root access to hackers

BlackBox AI, a popular VS Code coding assistant, has a critical indirect prompt injection vulnerability. Hackers can exploit this to gain remote root access to a user’s computer.
eWeek

GPT-5.3 Instant Cuts Fluff, Speeds Chat Replies

Google will start shipping fresh Chrome milestones every two weeks beginning with version 153 on Sept. 8, slicing its long-standing four-week cadence in half. The change spans desktop, Android, iOS, ...

How our AI bots are ignoring their programming and giving hackers superpowers

Instances of generative AI-assisted hacking are on the rise, and the threat of cyberattacks from bots acting on their own is no longer science fiction. With AI doing their bidding, novices can cause ...
Hackaday

Trying A Vibe-Coded Operating System

If you were to read the README of the Vib-OS project on GitHub, you’d see it advertised as a Unix-like OS that was written from scratch, runs on ARM64 and x86_64, and comes with a full GUI, ...
Decrypt

Apple iPhone Hacking Kit Used By Spies, Crypto Scams Could Have US Intelligence Origins

Researchers said a sophisticated exploit kit with 23 iOS vulnerabilities is being used by espionage and cybercrime campaigns.
PCMag

This iOS 'Exploit' Kit Can Hack Vulnerable iPhones Using 23 Different Attacks

Security researchers discover the 'Coruna' exploit kit running on malicious Chinese websites that were able to secretly hack vulnerable iPhones running iOS 13 to 17.2.1.

A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals

A highly sophisticated set of iPhone hijacking techniques has likely infected tens of thousands of phones or more. Clues suggest it was originally built for the US government.
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data theft.
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
i-SCOOP

What is the Impact of AGENTS.md Files on the Quality of AI Output?

Are AGENTS.md files actually helping your AI coding agents, or are they making them stupider? We dive into new research from ETH Zurich, real-world experiments, and security risks to find the truth ...

He Gets Himself 'Kidnapped' When Bored - This Bengaluru Techie's Bizarre Hack Goes Viral

A Bengaluru techie built an AI-powered “kidnap button” that books an Uber to a random location whenever he feels bored. The ...

Russian hacker uses multiple AI tools to break hundreds of firewalls

A Russian hacker was recently seen brute-forcing their way into hundreds of firewalls - but what makes this campaign really stand out is the fact that the seemingly low-skilled threat actor was able ...