Hackaday

This Week In Security: Vibecoding, Router Banning, And Remote Dynamic Dependencies

Vibecoding. What could possible go wrong? That’s what [Kevin Joensen] of Baldur wondered, and to find out he asked ...

Hackers can use prompt injection attacks to hijack your AI chats — here's how to avoid this serious security flaw

Prompt injection attacks are a security flaw that exploits a loophole in AI models, and they assist hackers in taking over ...

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response ...

CISA warns of critical CentOS Web Panel bug exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP).
Infosecurity Magazine

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

Three of Anthropic’s Claude Desktop extensions were vulnerable to command injection – flaws that have now been fixed ...
CSO Online

Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw

Chinese hackers have been spotted targeting European diplomats using a longstanding Windows shortcut vulnerability that’s been popular with threat groups as far back as 2017.