The Hacker News

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

OpenClaw integrates VirusTotal Code Insight scanning for ClawHub skills following reports of malicious plugins, prompt injection & exposed instances.
SecurityWeek

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks

The majority of the 1.4 million React2Shell exploitation attempts GreyNoise saw in a week deployed cryptominers and reverse ...
VentureBeat

Infostealers added Clawdbot to their target lists before most security teams knew it was running

Clawdbot's MCP implementation has no mandatory authentication, allows prompt injection, and grants shell access by design. Monday's VentureBeat article documented these architectural flaws. By ...
Forbes

When AI Agents Turn Against You: The Prompt Injection Threat Every Business Leader Must Understand

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Prompt injection attacks can manipulate AI behavior in ways that traditional cybersecurity ...
Ars Technica

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL. The hackers in this case were white ...
Science Daily

Injection turns sleeping tumor immune cells into cancer fighters

KAIST researchers have developed a way to reprogram immune cells already inside tumors into cancer-killing machines. A drug injected directly into the tumor is absorbed by macrophages, prompting them ...
CBS News

Minnesota woman dies after losing arm in shark attack in U.S. Virgin Islands

Lucia Suarez Sang is an associate managing editor at CBSNews.com. Previously, Lucia was the director of digital content at FOX61 News in Connecticut and has previously written for outlets including ...
CSOonline

Top cyber threats to your AI systems and infrastructure

From data poisoning to prompt injection, threats against enterprise AI applications and foundations are beginning to move from theory to reality. Attacks against AI systems and infrastructure are ...
Ars Technica

ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

There’s a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do something bad. The platform introduces a guardrail that stops the attack from ...
Dark Reading

ChatGPT's Memory Feature Supercharges Prompt Injection

Some of the latest, best features of ChatGPT can be twisted to make indirect prompt injection (IPI) attacks more severe than they ever were before. That's according to researchers from Radware, who ...
Fox News

Fake error popups are spreading malware fast

A dangerous cybercrime tool has surfaced in underground forums, making it far easier for attackers to spread malware. Instead of relying on hidden downloads, this ...
Fox News

OpenAI admits AI browsers face unsolvable prompt attacks

Cybercriminals don't always need malware or exploits to break into systems anymore. Sometimes, they just need the right words in the right place. OpenAI is now openly acknowledging that reality. The ...