Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
itechhacks

How to Start Jupyter Notebook From Command Line (Windows, Mac & Linux)

Jupyter Notebook is a tool to run and write Python code easily, showing results right away, and allowing you to combine code, charts, notes, and files in one place. You can start Jupyter Notebook ...

CleanFinder brings browser-based genome editing analysis to labs without coding

Genome editing lets scientists rewrite DNA, the instruction manual inside every living cell, with a precision that was unthinkable a generation ago. Technologies such as CRISPR have made this almost ...

ChatGPT’s New Internet Browser Can Run 90% of a One-Person Business (No Hiring Required)

Most entrepreneurs still don’t know ChatGPT has a browser. It’s called Atlas, and it doesn’t just search the web — it executes inside your workflow. Research, plan, ship: You delegate, it delivers. No ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
CSO Online

Microsoft says web-enabled AI agents can trigger host-level RCE

Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
Security Boulevard

When AI Agents Become Bots: A Field Report from the Authentication Layer

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...
thetechedvocate.org

How to run Python script

Python is one of the most popular programming languages today, widely praised for its simplicity and versatility. Whether you’re a beginner dipping your toes into coding or an experienced developer ...
Columbus Dispatch

Columbus police investigating shooting that killed 2 as murder-suicide

Columbus police homicide detectives are investigating a shooting that killed two people at an apartment on the city's Northwest Side near Hilliard as a murder-suicide. Shaun Stevens, 39, appears to ...
theregister

GitHub pulls pin on npm's auto-run scripts

GitHub will change npm's defaults so the install command no longer runs scripts automatically, disabling a feature commonly exploited by malicious packages such as the notorious Shai-Hulud worm.