The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
The Hacker News

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...
CoinJournal

TrapDoor attack targets crypto wallets, AWS keys and GitHub tokens

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Reuters

Fears of unfettered hacking spurred by Anthropic's Mythos AI model overstated

Cybersecurity experts say Mythos' hacking threat is overstated, citing existing AI capabilities Mythos improves vulnerability discovery but main challenge is validating and fixing flaws, experts say ...
Mashable

The CIA is interested in hacking your car, WikiLeaks claims

WikiLeaks has published a trove of files linked to CIA's hacking operations. Credit: Shutterstock / Africa Studio WikiLeaks has published a trove of files it says are linked to the CIA's hacking ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
Inc

Steve Blank Was Hacking for Defense Before It Was Cool. How His Stanford Class Changed Defense and Silicon Valley

As a first-year MBA student in Stanford’s Graduate School of Business, Andrew Powell knew he wanted to bring his entrepreneurial skillset to bear on America’s national security needs. There was just ...
The Guardian

Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?

Businesses are advised against paying – but many are prepared to deal to protect users’ privacy After a week of outages, hundreds of millions of students’ data stolen, delayed assignment due dates and ...