In A.I. Blunder, More Than 34,000 Instagram Accounts Were Attacked

The flaw, which Meta said it had fixed, allowed anyone to take over accounts using a bug in the company’s new artificial ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
MIT Technology Review

The Meta hack shows there’s more to AI security than Mythos

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish ...
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...

Patch AM: Plant a seed - A seed swap to kick off summer reading and 13 more events

Be sure to catch Community Singing Celebration With Heather Houston and the Joyful Voices Chorus! on the San Anselmo Patch calendar ...
eWeek

Gemma 4 12B Turns Laptops Into Tiny Supercomputers

Google DeepMind just rolled out Gemma 4 12B, a 12-billion-parameter model that can parse text, images, audio, and video ...
Graham Cluley

Smashing Security podcast #470: This AI security flaw might be impossible to fix

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.