The Hacker News

New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

The development comes as NeuralTrust demonstrated a prompt injection attack affecting ChatGPT Atlas, where its omnibox can be ...
CSO Online

Claude AI vulnerability exposes enterprise data through code interpreter exploit

Security researcher demonstrates how attackers can hijack Anthropic’s file upload API to exfiltrate sensitive information, ...
Hosted on MSN

Alleged 7-Zip arbitrary code execution exploit leaked to Twitter — the 7-Zip author claims this exploit not only isn't real but was generated by AI

Yesterday, user @NSA_Employee39 allegedly posted a zero-day exploit for the popular open-source file decompression utility 7-Zip on Twitter, only to have 7-Zip author Igor Pavlov swiftly dismiss it as ...
The Hacker News

Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack

GlassWorm spread via 14 VS Code extensions; Solana + Google Calendar C2; stole credentials, drained 49 wallets.
Infosecurity-magazine.com

Huawei IoT Exploit Code Released for Free

The working code for a Mirai variant targeting a Huawei internet of things (IoT) vulnerability has been made available for free on Pastebin. According to NewSky Security, the exploit, which attacks ...
ZDNet

Code execution exploit dings iPhone

Apple's iPhone has failed the security smell test. Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be ...
eWeek

Huawei Router Exploit Code Used in IoT Botnet Goes Public

At the core of the Satori Internet of Things (IoT) botnet that was disrupted by internet service providers (ISPs) earlier this month, is a vulnerability in Huawei routers. Researchers at NewSky ...