The Hacker News

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

North Korean group Konni uses AI-assisted PowerShell malware and phishing via Google ads and Discord to breach blockchain development environments.

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

Hackers exploit critical telnetd auth bypass flaw to get root

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present ...

Overrun with AI slop, cURL scraps bug bounties to ensure “intact mental health”

The project developer for one of the Internet’s most popular networking tools is scrapping its vulnerability reward program ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...

AI framework flaws put enterprise clouds at risk of takeover

Two "easy-to-exploit" vulnerabilities in the popular open-source AI framework Chainlit put major enterprises' cloud ...
CSO Online

Flaws in Chainlit AI dev framework expose servers to compromise

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow ...