Latest Hacking News

What Is a Buffer Overflow? The Bug That Keeps Driving Critical CVEs

A buffer overflow happens when a program writes more data into a memory buffer than the buffer can hold. The extra bytes land in adjacent memory, corrupting whatever was there. If an attacker controls ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Edge users beware — this malicious extension can break out of the sandbox and install ...

Researchers from Zscaler found a new malware campaign dubbed Edgecution.
cryptopolitan

Microsoft, Google patch flaws as Cordyceps spread across open-source repositories

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
CSO Online

Google’s Vertex AI SDK could allow RCE through bucket squatting

Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and ...

Python dev saved from disaster by intuition... and AI

Python developer Roman Imankulov nearly took the bait. The fact that he didn't can be chalked up to human intuition and AI ...
SecurityWeek

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Threat actors have begun exploiting a high-severity vulnerability in the popular low-code AI development platform Langflow, according to VulnCheck. Tracked as CVE-2026-5027 (CVSS score of 8.8), the ...
Fox News

Judge blocks Alabama's nitrogen gas execution method, rules it is unconstitutionally cruel

A federal judge on Tuesday permanently blocked Alabama executing death row inmate Jeffrey Lee with nitrogen gas after finding that it violates the U.S. Constitution's ban on cruel and unusual ...