Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...

The engineer who helped build top South African technology companies, including Superbalist, MasterStart, and Yoco

Matthew Goslett’s storied career began with IRC, dial-up Internet, and a fascination with how messages travelled between ...
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...
Hackaday

After The Dust Settles: Building Pebble Apps

For a piece of wearable technology, Pebble has had a fairly “rocky” history. One of the most successful Kickstarters of its ...
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...

Scientists Find Way to Supercharge Dangerous Computer ‘Worms’ With A.I.

Researchers at the University of Toronto showed how hackers could use artificial intelligence to create a program that could ...

Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access

Several users on social media reported having their Instagram accounts hacked over the weekend. Meta's own support chatbot ...
Hackaday

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

The Clever Trick Hackers Are Using to Break Into Signal Accounts

Posing as Signal’s support team, scammers are asking users for their recovery keys—a ploy to download and decipher encrypted ...
Graham Cluley

Smashing Security podcast #470: This AI security flaw might be impossible to fix

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.
The Hacker News

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...