Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Decrypt

Polkadot-Ethereum Bridge Hack Losses Were 10x Worse Than Reported, Team Admits

Polkadot bridge protocol Hyperbridge said losses from this week's hack were 10x worse than originally reported, tallying ...
Live Science

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.

Claude Mythos Isn’t Just A PR Stunt, It’s The New Face Of Offensive AI

Claude Mythos represents a new generation of AI models that can conduct autonomous attacks more effectively than ever before.
CNET

FBI Wi-Fi Router Hacked List: 5 Steps to Keep Your Router Safe Now

The FBI and Department of Justice recently disrupted a Russian attack targeting home and small-office business routers.

Google shoehorned Rust into Pixel 10 modem to make legacy code safer

To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to ...

Hacker Used Claude and ChatGPT to Breach Multiple Government Agencies

Solo hacker used AI to breach 9 Mexican government agencies, exposing 195 million citizens' data in hours instead of weeks.
Tech Xplore

Claude Mythos and Project Glasswing: Why an AI superhacker has the tech world on alert

New, more powerful artificial intelligence (AI) models are announced pretty regularly these days: the latest version of ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...
SecurityWeek

Critical Marimo Flaw Exploited Hours After Public Disclosure

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
TechCrunch

De-fi platform Drift suspends deposits and withdrawals after millions in crypto stolen in hack

Decentralized finance company Drift says it has suspended withdrawals and deposits after confirming a security incident. The crypto platform said in a post on X that it was “experiencing an active ...