Cybernews

Unprecedented GitHub hacking spree: “security research” AI bot compromises major repos from Microsoft, Datadog, and others

Five major GitHub repositories targeted by the autonomous AI bot “hackerbot-claw” were compromised through various injection and exploitation techniques.
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
InfoQ

Busting AI Myths and Embracing Realities in Privacy & Security

Katharine Jarmul keynotes on common myths around privacy and security in AI and explores what the realities are, covering design patterns that help build more secure, more private AI systems.
eLife

Impacts of mutation accumulation and order on tumor initiation revealed by engineered murine colorectal cancer organoids

This study presents a valuable finding on the mutational order for common alterations in colorectal cancer. The evidence of in vitro growth assays comparing mutations is solid, although inclusion of ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.