Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Got a spare PC? How to open-source your smart home - for free

Once you've added a device, you can then control it from the Home Assistant dashboard. You can add as many areas and devices ...
Homeland Security Today

New CISA Guide Assists Federal Agencies with Transitioning to Modernized Zero Trust Architectures

“With this guide, CISA helps agencies realize the benefits of zero trust architectures and the flexibilities of TIC 3.0.” Launched last year with microsegmentation guide, this ongoing series provides ...

Minimus opens catalog of hardened container images to all developers

Developers get unrestricted access to thousands of nearly CVE-free images from the Minimus catalog of distroless, hardened container images.
techtimes

OpenAI Daybreak Expands Patch Pipeline as Five Eyes Warns AI Attacks Are Months Away

The same day OpenAI announced the most significant expansion of its Daybreak cybersecurity initiative since the platform launched in May, intelligence agencies from all five nations of the Five Eyes ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
The Hacker News

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of ...