Developer Tech

OpenAI deploys GPT-5.5-Cyber for open-source vulnerability fixes

OpenAI has deployed GPT-5.5-Cyber to execute automated open-source vulnerability remediation alongside security firm Trail of ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Some local police have access to an ICE facial recognition app

A document from the Department of Homeland Security outlines plans to issue local police facial recognition technology used ...
Security Boulevard

When AI Agents Become Bots: A Field Report from the Authentication Layer

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...
CSOonline

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code, marking what researchers say is an ...
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to deliver a ...
VentureBeat

Anthropic Skill scanners passed every check. The malicious code rode in on a test file.

Picture this scenario: An Anthropic Skill scanner runs a full analysis of a Skill pulled from ClawHub or skills.sh. Its markdown instructions are clean, and no prompt injection is detected. No shell ...
SiliconANGLE

SpaceX’s stratospheric IPO hopes, OpenAI’s ridiculous round and the agentic AI gap

Can Elon Musk pull off the mother of all IPOs? This week his SpaceX reportedly filed confidentially for a $75 billion initial public offering that could value it at $1.75T. It would be the largest IPO ...
IEEE

Binary Diffing via Library Signatures

Abstract: Binary diffing is the problem of determining whether two binary programs originate from the same source code. Binary diffing tools are used to identify malware, plagiarism, or code theft.
Wired

Security News This Week: Moltbook, the Social Network for AI Agents, Exposed Real Humans’ Data

An analysis by WIRED this week found that ICE and CBP’s face recognition app Mobile Fortify, which is being used to identify people across the United States, isn’t actually designed to verify who ...
The Hacker News

5 Threats That Reshaped Web Security This Year [2025]

As 2025 draws to a close, security professionals face a sobering realization: the traditional playbook for web security has become dangerously obsolete. AI-powered attacks, evolving injection ...
TechRadar

Thousands of web pages abused by hackers to spread malware

UNC5142 hacked 14,000+ WordPress sites to distribute malware Malware payloads were fetched from blockchain, boosting resilience and hindering takedowns ClickFix lures tricked users into running ...