The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
Security Boulevard

News alert: Halo Security recognized for helping MSPs manage customers’ external attack surfaces

Halo Security today announced that its attack surface management solution has been named a 2026 MSP Today Product of the Year ...
eWeek

‘ChatGPhish’ Attack Turns ChatGPT Summaries Into Phishing Lures

Permiso researchers found ChatGPhish, a prompt-injection issue that can cause ChatGPT summaries to display phishing links, ...

SpartanX Launches NodeX, the World’s Only Full-Stack Autonomous Internal Attack Capability, Pulling Machine-Speed Red Teaming Inside the Perimeter

SpartanX, the world’s only full-stack AI-powered autonomous red teaming platform, today announced the release of NodeX, its new Internal Attack Capability that extends SpartanX’s External Attack ...
Decrypt

What Is an AI Prompt Injection Attack? The Hidden Threat Hijacking Your Chatbots

Hackers can hijack ChatGPT, Claude, and Gemini with nothing but a sentence. OpenAI says the problem may never be fully solved.

A.I. Is Making Scams Hard to Spot. Here’s How to Protect Yourself.

A criminal could be masquerading as a celebrity, web store or family member asking for your money. Detecting scams requires a ...
Bleeping Computer

CISA flags two-year-old Oracle flaw as actively exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched ...
The Facts

Tenzai Expands Its AI Hacker to AI Applications

The record-breaking autonomous offensive security company extends its full-stack testing to include AI systems, covering web, ...
CNET

Instagram's AI Chatbot Gave Away a Bunch of Accounts to Hackers

You may have heard that some notable Instagram accounts were hacked over the weekend. Barack Obama's White House account was ...
TMCnet

Common Gen AI Security Challenges and How Organizations Can Overcome Them

The integration of AI into organizational systems is increasing to increase productivity and innovation. However, this use ...

Researchers found a way to spy on your browsing by watching your SSD's activity

The method, known as FROST – short for "fingerprinting remotely using OPFS-based SSD timing" – focuses on how different processes compete for storage access. That competition ...
Yahoo Malaysia

How to Make Your Phone (Nearly) Impossible to Track

The more we use our phones, the more personal information we give up. So we asked cybersecurity experts how to make your ...