SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Florida woman goes to Steak ’n Shake. Then she realizes she now needs to scan a QR code to dispense Coca-Cola

When Shandeia (@shandeeeezy) stopped at a Steak ’n Shake in Gainesville, Florida, and encountered something she’d never seen ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

AI is writing almost all startup code. That's creating a new problem.

Business Insider surveyed dozens of founders to understand how coding has changed with AI. Speed is a double-edged sword ...

New Open-Source FPGA Code is Poised to Bring Private Payments, Verifiable AI, and Instant Gaming to Ethereum Layer 2s

San Francisco, CA - First public release of a complete FPGA implementation for zero-knowledge proofs could finally make ZK-rollups cheap enough for consumer-scale applications. A team of hardware and ...

India Code: why a consolidated source for all Indian laws should be treated as a moral imperative

India's legal provisions are not just a maze, often befuddling in volume and complexity, they are scattered across myriad ...
Georgia Recorder

Ballot QR code bill headed to governor after Georgia lawmakers scale back hand-counting requirement

The bill allows Georgia to continue using QR codes to tally votes until 2028, meaning they will still be in place for this ...

Georgia’s QR codes for counting votes will remain for midterms after lawmakers vote to delay a fix

Georgia will stick with an embattled vote-counting method that relies on QR codes for this year’s midterm elections after ...
GamingOnLinux

Have an AMD GPU? You can build your own SteamOS Steam Machine

Now that we've seen the price of the Steam Machine - here's a reminder, you really can just build your own if you want with ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
The Times-Tribune

Law enforcement to discuss skill games enforcement after high court ruling

Law enforcement in Northeast Pennsylvania will discuss potential skill games enforcement following a recent state Supreme Court ruling that the game terminals are illegal slot machines ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...