Uncategorized

Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data

2026-06-30 at 20:46. New Microsoft research shows how attackers can hijack AI agents that act on a user’s behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider. The trick is that the […]

RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS

2026-06-30 at 20:45. A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching them into a network built to knock websites and online services offline. Researchers at QiAnXin’s XLab have tracked it since

Mark Zuckerberg’s Meta loses bid to toss lawsuit alleging Facebook and Instagram addict children

2026-06-30 at 19:08, by Reuters. Meta said attorneys general had no evidence it misled consumers about its platforms’ alleged addictiveness, including in congressional testimony by Mark Zuckerberg. This article is an excerpt from Latest Technology News | New York Post

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

2026-06-30 at 18:47. Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE)

Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses

2026-06-30 at 18:40. Cybersecurity researchers have flagged an active browser extension campaign that is designed to steal cryptocurrency by stealthily replacing wallet addresses when unsuspecting users initiate a transaction. The cryptocurrency clipper activity has been codenamed Silent Swap by McAfee Labs.

GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks

2026-06-30 at 17:26. The safety check that is supposed to stop an AI coding agent from running a dangerous command can be walked straight past using a shell trick that has been public for decades. New research from Adversa AI, which is named the

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

2026-06-30 at 16:49. Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching

AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks

2026-06-30 at 15:39. Two researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no cables or shared network. An attacker within wireless range, with just a laptop and no

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

2026-06-30 at 14:18. An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Stealer. The intrusion involves the exploitation of CVE-2026-48558 (CVSS score: 10.0), a critical authentication bypass

The BYOVD Epidemic: How Attackers Are Weaponizing Trusted Windows Drivers to Kill Security

2026-06-30 at 13:00, by Threat Hunter Team. Bring Your Own Vulnerable Driver (BYOVD) has gone from a niche tactic to a standard part of the ransomware playbook and Windows’ own kernel hardening does little to stop it. This article is an excerpt

Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth

2026-06-30 at 12:45. A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw, tracked as CVE-2026-8037, carries a CVSS score of 9.8 according to ZDI.

New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials

2026-06-30 at 11:37. Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a technique from security firm LayerX that tricked six AI browsers and assistants into copying a user’s credentials

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

2026-06-30 at 10:15. Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered using artificial intelligence (AI) tools like Anthropic Claude and OpenAI Codex Security.

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

2026-06-30 at 08:04. A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication flaw in Oracle Payments that

Ford rehires experienced engineers after AI misses the mark

2026-06-30 at 05:03, by Fox Business. Ford has rehired experienced human engineers to help address the shortcomings of artificial intelligence (AI) tools meant to tackle quality issues in the automaker’s production processes. This article is an excerpt from Latest Technology News | New York Post

Chinese AI is now on par with Anthropic in terms of cybersecurity: report

2026-06-30 at 00:34, by Marc Vartabedian. Chinese artificial intelligence models have caught up to top U.S. systems in cybersecurity – a shift that could add pressure on the White House as it scrambles to figure out its domestic AI policy. Security researchers

How digital price tags are spreading at retailers like Walmart — and sparking ‘surveillance’ fears

2026-06-30 at 00:34, by Lisa Fickenscher. Union officials have suggested that the digital tags could eventually be used to exploit so-called biometric data that identifies shoppers who enter stores — in particular facial recognition data — to charge customers different
