Hackers asked Meta’s AI chatbot to hand over Instagram accounts, and it did
 Hackers asked Meta’s AI chatbot to hand over Instagram accounts, and it did

No phishing link. No malware. No SIM swap. Hackers took over high-profile Instagram accounts over the weekend by doing something disarmingly simple: they asked Meta’s AI customer support chatbot to change the email address on someone else’s account. Th…

, , , ,
A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month
 A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

The npm package looked legitimate. It had an active GitHub repository, steady development history, and roughly 29,000 weekly downloads. For developers using OpenAI Codex, it offered exactly what it advertised: a remote web UI for the AI coding tool. Bu…

, ,
One click on GitHub.dev is all it takes to hand over your private repositories
 One click on GitHub.dev is all it takes to hand over your private repositories

Every developer who has ever pressed the period key on a GitHub repository, launching the convenient browser-based VS Code editor known as GitHub.dev, has unknowingly accepted a bargain. In exchange for a lightweight coding environment, GitHub silently…

,
Microsoft is ditching password-based authentication tomorrow – Edge browser will switch to Windows Hello access

Edge’s password manager is getting an upgrade as it ditches decades-old solutions.

, , , ,
xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity

Four people suing Elon Musk’s AI firm under pseudonyms due to the risks of being identified may face a difficult choice: Reveal your real names, or drop the lawsuit.

, , , , ,
Virtual barbarians at the gate: securing the AI blind spot
 Virtual barbarians at the gate: securing the AI blind spot

Many companies have quickly moved to adopt artificial intelligence in their systems, embedding it into virtually everything from customer apps to internal systems. That speed has created new pressure for security teams, because AI-enabled applications …

,
Ultrahuman says hackers accessed customers’ wellness data via internal tool

The breach at wearable ring maker Ultrahuman stemmed from credentials stolen from a malware-infected employee laptop.

, , ,
‘You can no longer do things at human ​scale’: Cisco releases AI agent botnet that works on behalf of your business

Cyberspace has become an AI battlefield, and Cisco wants in on the action.

, , , ,
Instagram is alerting users who were targeted by hackers during AI chatbot attacks

Hackers appeared to take over victims’ accounts even after Meta said it fixed its AI-powered support chatbot, which granted hackers access to victims’ accounts.

, , , , , , ,
Weedhack malware campaign infects 116,000 mod-hungry Minecraft players systems through SEO poisoning and YouTube

Fake mods and clients are being advertised on YouTube and used to deploy backdoors and infostealers.

, , , ,