News

The Hacker News6m
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.
The Hacker News4h
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...
The Hacker News5h
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...
The Hacker News9h
Storm-2603 Exploits SharePoint Flaws to Deploy Ransomware via DNS-Controlled Backdoor
The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...
The Hacker News6h
You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them
The solution lies in fundamentally reimagining security data architecture around what AI models actually need to perform effectively. This means transitioning from legacy data feeds to what could be ...