Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at runtime.

Theori, a leader in offensive security research, today announced the commercial availability of Xint Code, the first completely LLM-native Static Application Security Testing (SAST) tool capable of ...

AI-assisted code speeds development, but introduces vulnerabilities at an alarming rate. Waratek IAST reports flaws ...

Can free AI scanners replace enterprise SAST? Anthropic and OpenAI found 500-plus zero-days pattern-matching tools missed — and both scanners are free.

Six security teams shipped six OpenClaw defense tools in 14 days. Three attack surfaces survived: runtime semantic exfiltration, cross-agent context leakage and agent-to-agent trust chains with zero ...

Researchers are warning about the risks posed by a low-cost device that can give insiders and hackers unusually broad powers ...

New data suggests a cyber espionage group is laying the groundwork for attacks against major industries. The "React2Shell" vulnerability is already almost a few months old, but it's far from over. An ...

Zapier reports that AI security is crucial as AI usage grows, presenting risks like data breaches and adversarial attacks ...

Hidden instructions in content can subtly bias AI, and our scenario shows how prompt injection works, highlighting the need for oversight and a structured response playbook.

Social engineering is evolving from Human to Human, to, Human to AI. But are we ready for this new threat? Remember the days ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...