Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

With Just 1 Click, Researchers Figured Out How to Hijack Microsoft Copilot to Steal Your Data

A recent Microsoft Copilot exploit demonstrates how AI can make existing cybersecurity bugs even more virulent.
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
InfoQ

Anthropic Explains How Claude Builds Its Own Execution Harnesses

Anthropic has published additional details about the orchestration system behind Claude Code's recently introduced Dynamic ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...

Microsoft discovers new lightweight backdoor that steals cryptocurrency

Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
Nature

Tech titans are hacking their bodies for a longer life: is there science behind their methods?

Influencers and ultra-rich people looking to extend their lifespan are trading tips and tricks on how to eke out extra years.
CSO Online

Microsoft says web-enabled AI agents can trigger host-level RCE

Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...
GameSpot

Sony Is Finally Rolling Out A PC Driver For The PlayStation Link

GameSpot may receive revenue from affiliate and advertising partnerships for sharing this content and from purchases through links. PlayStation Link, the proprietary wireless connectivity tech that ...
Hackaday

Building A Ceiling-Based Crane Robot To Keep A Room Clean

One of the joys you get to experience whether as a proud parent or pet owner is that a lot of things get left around ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...