Hackers are abusing unpatched Windows security flaws to hack into organizations

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit ...

Google Android PIN Hackers Target 800 Apps During Attack Surge

More than 800 Google Android apps have been targeted by a surge in PIN-stealing hack attacks. What you need to know.
Live Science

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months. Nine Mexican ...
Crypto Briefing

AI coding agents hacked via prompt injection, impacting Google and Anthropic markets

AI coding agents from Anthropic and Google were hacked, leading to a drop in confidence; Google’s top AI model by June 2026 ...
SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Anthropic’s Claude Code Security Review, Google’s Gemini CLI Action, and GitHub Copilot Agent hacked via prompt injection ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...
The Next Web

Anthropic, Google, and Microsoft paid AI agent bug bounties, then kept quiet about the flaws

Researchers hijacked Claude, Gemini, and Copilot AI agents via prompt injection to steal API keys and tokens. All three ...
SecurityWeek

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.
Hackaday

This Week In Security: Flatpak Fixes, Android Malware, And SCADA Was IOT Before IOT Was Cool

Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs.
The Hacker News

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...