Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
CPO Magazine

Over 100 AI Coding Agents Taken Over Via New “Agentjacking” Attack

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...
The Caledonian-Record

QR codes are helping transit systems adapt without rebuilding infrastructure

Uniqode reports that QR codes enhance transit systems by providing real-time information without needing new infrastructure, ...
GovInfoSecurity

North Korean Hackers Poison Mastra AI Framework

Microsoft says North Korean-linked BlueNoroff compromised a Mastra npm maintainer account and published more than 140 ...

Study Reveals Exploit That Lets Your Browsing History Be Spied On Using Your SSD

You can minimize the degree to which your browser spies on you, but potential hackers can use your own SSD against you and ...
Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
The Caledonian-Record

California legislator accuses Newsom of violating state code

() - Assemblymember Carl DeMaio, R-San Diego, has commented further about his call for California Gov. Gavin Newsom to be ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Anthropic's Claude Code Artifacts update brings live, shared dashboards and interactive workspaces to enterprises

By turning the terminal into a live, collaborative canvas, Anthropic is proving that the most valuable output of an AI coding ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
Telegraph Herald

Dubuque police warn against scam involving unexpected packages, QR codes

According to an online announcement, scammers send random items or empty boxes to people's homes and use their name to post ...