The Hacker News

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, ...
JD Supra

Glasswing widens: Anthropic puts Mythos inside power, water and hospital operators across more than 15 countries

Anthropic on Tuesday expanded Project Glasswing beyond its roughly 50 initial partners, extending access to a new cohort of approximately 150 organizations in more than 15 countries. The restricted ...
techtimes

Agentic AI Security Alarm at Infosecurity Europe: Free LLM Now Powers Adaptive Worm

The final bell rang Thursday at Infosecurity Europe 2026 — the 31st edition of Europe's largest annual cybersecurity gathering — as the industry's most uncomfortable thesis moved from theoretical to ...
techtimes

AI vs AI Cybersecurity: Sysdig Documents First LLM-Agent Intrusion in the Wild

Security professionals have spent two decades defending against human attackers who use automation as a force multiplier. That model is obsolete. The adversary now fielding against every ...
cybernews

AI agent steals database, makes real-time hacking decisions in less than an hour

An AI agent executed a rapid, end-to-end cyberattack. Starting with a vulnerability in a Python application, hackers used an LLM to independently harvest cloud credentials, access AWS services, and ...
InfoWorld

Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are becoming a new software supply chain attack vector. A malicious Hugging ...
Yahoo Finance

Will Eigen AI Buyout Fuel NBIS' AI Infrastructure & Revenue Potential?

The above button links to Coinbase. Yahoo Finance is not a broker-dealer or investment adviser and does not offer securities or cryptocurrencies for sale or facilitate trading. Coinbase pays us for ...
LinkedIn

Marimo CVE-2026-39987: 9 Hours 41 Minutes From Disclosure to First Exploit

The advisory went public at 9 a.m (Apr-8). Someone was inside by 6:41 p.m. Marimo is an open-source reactive Python notebook adopted into agent runtime stacks for interactive tool execution.
Bleeping Computer

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. Attacks leveraging the remote code ...
heise online

Attackers are targeting the Python notebook Marimo

As indicated by a warning message, the authentication in the context of the WebSocket endpoint /terminal/ws is broken, and attackers can exploit the “critical” vulnerability (CVE-2026-39987) without ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says. A critical pre-authentication ...
CSOonline

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A critical pre-authentication remote code execution vulnerability in Marimo, an open-source Python notebook platform owned by AI cloud company CoreWeave, was exploited in the wild less than 10 hours ...