Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
latesthackingnews.com

Reverse Shell Explained: Setup, Attack Chain, and Detection

A reverse shell makes the target machine initiate the connection back to the attacker, bypassing firewalls that only filter ...
SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

'Just icky'. Florida hunter cracks open a python egg on video

Professional python hunter Amy Siewe recently posted a video on her Facebook page showing her cutting open a snake's egg to ...

Microsoft Shows How to Build Your Own AI Agent from Scratch

Microsoft has launched a four-part developer series explaining how to build a CLI-style AI agent that can plan tasks, use tools, retain information, and ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...

North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Vogue

Summer’s Most-Wanted Shoe? The Wedge Sandal—Here’s How to Wear It

With open-toe season in full swing, wedge sandal outfits offer versatility in spades. They’re not quite as high as a proper heel, delivering a few welcome inches while remaining surprisingly ...
Developer Tech

Mozilla shows Claude Code malware risk in clean GitHub repo

Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
Circuit Digest

How to Build an IoT-Based Parking Space Detection System Using Raspberry Pi and CircuitDigest Cloud

Step 1: First, you need to make an account on the CircuitDigest Cloud. If you already have one, just go to the CircuitDigest ...