Dark Reading

Attackers Hijack Exposed AI Endpoints to Power Offensive Ops

Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.

Aikido acquires Root to patch open-source software without forced upgrades

Belgian cybersecurity company Aikido Security NV today announced that it has acquired Root.io Inc., a company that offers ...
SecurityWeek

Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks

Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, creating a new software supply ...
SecurityWeek

Critical SimpleHelp Vulnerability Exploited for Malware Delivery

A threat actor has been exploiting CVE-2026-48558, a critical SimpleHelp vulnerability, to drop TaskWeaver and Djinn Stealer ...

Mozilla Warns GitHub Repos Can Trick AI Tools Into Hacking Your PC

Christopher Harper is a tech writer with over a decade of experience writing how-tos and news. Off work, he stays sharp with gym time & stylish action games.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The Hacker News

Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability

Island found dormant JavaScript injection paths in Adblock for YouTube, a Chrome extension with 10M+ installs, raising ...