North Korean Hackers Target Open Source Developers in Supply Chain Attacks 

The PolinRider campaign has compromised more than 100 legitimate open source packages and repositories to deliver a backdoor and information stealer to developers.
The post North Korean Hackers Target Open Source Developers in Supply Chain Attacks  app… Continue reading North Korean Hackers Target Open Source Developers in Supply Chain Attacks 

Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability

Organizations are urged to patch after proof-of-concept code makes the Linux root escalation flaw easier to exploit.
The post Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability appeared first on SecurityWeek.
Continue reading Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability

Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments

Researchers uncovered two campaigns embedding indirect prompt injections in malicious websites to exploit autonomous AI agents browsing the web.
The post Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments appeared first on SecurityWeek.
Continue reading Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments

Google, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of Devices

NetNut rented access to millions of compromised devices, allowing cybercriminals and nation-state actors to mask their identities during attacks.
The post Google, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of Devices appeared firs… Continue reading Google, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of Devices

Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution

The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor’s sandbox and execute arbitrary code on the underlying operating system.
The post Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execut… Continue reading Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution