The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
The Hacker News

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...
CoinJournal

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.
Reuters

Fears of unfettered hacking spurred by Anthropic's Mythos AI model overstated

Cybersecurity experts say Mythos' hacking threat is overstated, citing existing AI capabilities Mythos improves vulnerability discovery but main challenge is validating and fixing flaws, experts say ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Forbes

Microsoft Exchange Zero-Day Confirmed At Pwn2Own Hacking Event

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Hot on the heels of three new zero-day exploits against Windows 11, confirmed on May 14, ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...