Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

digna Introduces Python SDK and Docker Deployment in Release 2026.06

Alongside the SDK, Release 2026.06 introduces Docker deployment support, giving organizations greater flexibility in how they deploy and manage the platform. Docker-based deployment simplifies ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Unite.AI

OpenAI’s Daybreak Wants to Own the Patch, Not Just the Bug

OpenAI expanded its Daybreak security program on June 22, 2026, and it's easy to read the announcement as one more model drop ...
The Hacker News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is a widely ...