News

Decrypt21h

'CopyPasta' Attack Shows How Prompt Injections Could Infect AI at Scale

AI coding tools can be tricked by fake license files to spread malicious code, security firm HiddenLayer warns.

Hackers exploited Sitecore zero-day flaw to deploy backdoors

Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance ...
The Hacker News4h

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.
Hackaday3h

This Week In Security: DNS Oops, Novel C2s, And The Scam Becomes Real

Something rather significant happened on the Internet back in May, and it seems that someone only noticed it on September 3rd ...
Hackaday1h

Hackaday Podcast Episode 336: DIY Datasette, Egg Cracking Machine, And Screwing 3D Prints

Thunderstorms were raging across southern Germany as Elliot Williams was joined by Jenny List for this week’s podcast. The deluge outside didn’t stop the hacks coming though, and ...
Infosecurity Magazine6h

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Security

Trend Micro observed the attackers using terminal-based installation methods for the AMOS malware, luring macOS users into ...

Coinbase’s preferred AI coding tool can be hijacked by new virus

Cybersecurity firm HiddenLayer says a new virus can infect popular AI tools, including one widely used at crypto exchange ...
The Register on MSN19h

Attackers snooping around Sitecore, dropping malware via public sample keys

You cut and pasted the machine key from the official documentation? Ouch Unknown miscreants are exploiting a configuration ...