900,000 Users Hit as Malicious Chrome Extensions Steal ChatGPT, DeepSeek Chats

OX Security reveals how malicious Chrome extensions exposed AI chats from ChatGPT and DeepSeek, silently siphoning sensitive ...
Opinion

IBM's AI agent Bob easily duped to run malware, researchers show

That's apparently the case with Bob. IBM's documentation, the PromptArmor Threat Intelligence Team explained in a writeup provided to The Register, includes a warning that setting high-risk commands ...
Unite.AI

The Secretless Imperative: Why Traditional Security Models Break When AI Agents Touch Code

In April 2023, Samsung discovered its engineers had leaked sensitive information to ChatGPT. But that was accidental. Now imagine if those code repositories had contained deliberately planted ...

Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025

One such event occurred in December 2024, making it worthy of a ranking for 2025. The hackers behind the campaign pocketed as ...
SecurityWeek

Infostealer Malware Delivered in EmEditor Supply Chain Attack

The text and code editing tool EmEditor was targeted in a supply chain attack that resulted in the distribution of ...
Bleeping Computer

GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions with more than 50,000 downloads, to monitor browser activity and plant a backdoor. The ...
WSMV

‘Malicious’ threat targets Pulaski Electric System in ‘cyber attack,’ interrupting customer services

NASHVILLE, Tenn. (WSMV) - Weeks of interruptions to Pulaski Electric System (PES) services for customers have been caused by a cyber attack, the utility provider revealed this week. “PES has learned ...
standardmedia.co.ke

Lobby groups accuse Havi of malicious attacks on Judiciary

A section of civil society groups has warned that some lawyers' push to paint the Judiciary and other state officers as corrupt could erode Kenyans' confidence in constitutional bodies. The more than ...
The Hacker News

Researcher Uncovers 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate ...
Hosted on MSN

How attackers exploit malicious, vulnerable software libraries to launch stealth attacks

Andrzej Jarmolowicz, Operations Director at Cybershure. Modern cyber attacks seldom begin with loud, disruptive breaches. Instead, attackers increasingly rely on malicious or vulnerable software ...
SecurityWeek

Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers

The Codex CLI vulnerability tracked as CVE-2025-61260 can be exploited for command execution. OpenAI recently patched a Codex CLI vulnerability that can be exploited in attacks aimed at software ...
Fox News

Assistant high school principal and brother allegedly planned violence against ICE agents: police

A high school assistant principal in Virginia and his brother are accused of threatening violence against ICE agents and local police officers. According to court documents, an off-duty Norfolk Police ...