GrafanaGhost: The AI That Leaked Everything Without Being Hacked

A newly disclosed vulnerability reveals how AI assistants can become invisible channels for data exfiltration — and why ...

Hackers use Claude and ChatGPT to breach government agencies

Nine Mexican government agencies targeted by a single attacker with two AI tools.

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
Hackaday

Simulating The AVR8 For A Browser-based Arduino Emulator

It’s always nice to simulate a project before soldering a board together. Tools like QUCS run locally and work quite well for ...
The Hacker News

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.
Hackaday

Drawing Tablet Controls Laser In Real-Time

Some projects need no complicated use case to justify their development, and so it was with [Janne]’s BeamInk, which mashes a ...
GitHub

Python BF Hardline Hack 2025 Win

Enhance your Battlefield Hardline gameplay with this powerful Windows-based hack tool. Designed for the 2025 release, our project provides optimized features to dominate multiplayer matches, including ...
SecurityWeek

CrewAI Vulnerabilities Expose Devices to Hacking

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...