AI Tools Are Helping Mediocre North Korean Hackers Steal Millions

One group of hackers used AI for everything from vibe coding their malware to creating fake company websites—and stole as ...
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal ...

Crypto hackers stole $17B over past 10 years: DefiLlama

Crypto hacks stole $17 billion over the past 10 years, driven by private key compromises and phishing attacks as smart contract security improved.
CoinDesk

KelpDAO hackers are laundering millions in stolen crypto, data show

KelpDAO hackers are moving $290M in stolen crypto across blockchains, using privacy tools to mask the trail as DeFi contagion ...

Hackers accessed personal information for up to 70,000 people in Canada Life data breach

One of Canada’s largest life and health insurers says a recent data breach has exposed the personal information of up to ...
The Hacker News

⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.
Computing

Vercel breach linked to third-party tool as hackers claim data theft

Cloud development platform Vercel has confirmed it suffered a security breach, after a threat actor claimed to be selling ...
Cult of Mac

Make your iPhone completely hacker-proof — with a huge downside

But if you feel you absolutely must use it, or are just curious, enabling Lockdown Mode on your iPhone is easy. Open the ...
SecurityWeek

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.
Hackaday

This Week In Security: Flatpak Fixes, Android Malware, And SCADA Was IOT Before IOT Was Cool

Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs.

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software trust models must urgently change.