The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

Disgraced US gov software contractor found guilty of database destruction

A Virginia man, Sohaib Akhter, faces decades in prison after a jury convicted him of being involved in a scheme to delete ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...
InfoWorld

Building AI apps and agents with Microsoft Foundry

Microsoft’s Azure-based AI development and deployment platform shines with a strong selection of models and agent types and ...
Chicago Maroon

In His Last College Quarter, Ben Heim Is Building an AI Project Every Week

In his final quarter at UChicago, fourth-year Ben Heim has been taking his own advice. As president of the International ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents

With model devs pushing more aggressive rate limits, raising prices, or even abandoning subscriptions for usage-based pricing ...
Dark Reading

Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia

More than 1,600 malicious messages from the China-backed APT group deliver the previously undocumented ABCDoor backdoor and ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...
MUO on MSN

Notepad++ has no business being this useful with these 6 plugins

A 6MB editor quietly replacing tools that cost ten times more.
How-To Geek on MSN

I thought you needed advanced math to build machine learning models, but I was wrong

Machine learning sounds math-heavy, but modern tools make it far more accessible. Here’s how I built models without deep math ...