The Hacker News

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...
InfoWorld

How fuzzy APIs are remaking the web

With the advent of AI-mediated APIs, the era of manually hard-coding every integration between every microservice may be ...
Infosecurity Magazine

macOS Backdoor Uses Prompt Injection to Evade AI Triage

A North Korea-linked macOS backdoor has been caught hiding a prompt injection that targets malware analyst's AI tools, rather ...

Praxis: The First AI-Powered Autonomous Red Team Agent Goes Live

An AI terminal that thinks, adapts, and executes — turning natural language objectives into complete penetration test ...

IT Academy STEP Georgia Launches AI Engineering Program Focused on Real-World Deployment Autonomous & Systems

Tbilisi, Georgia, June 22nd, 2026, FinanceWireAs artificial intelligence reshapes global industries, the demand for ...

How to burst the AI bubble: Strike at its roots

Ars Technica: It could be catastrophic, economically speaking, when the AI bubble finally bursts. But you point out that ...
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

The maker of ChatGPT wants to make open-source projects less of a security bargain

As AI tools flood open-source maintainers with low quality bug reports, OpenAI's new Patch the Planet initiative aims to filter out the noise and fix real threats.