Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
latesthackingnews.com

Reverse Shell Explained: Setup, Attack Chain, and Detection

A reverse shell makes the target machine initiate the connection back to the attacker, bypassing firewalls that only filter ...
The Hacker News

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...
Infosecurity Magazine

macOS Backdoor Uses Prompt Injection to Evade AI Triage

A North Korea-linked macOS backdoor has been caught hiding a prompt injection that targets malware analyst's AI tools, rather ...
Bleeping Computer

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. An investigation ...
Tribune News Service on MSN

Healing waters in France

We did it. We entered the world of retirement, more out of mental necessity vs. financial freedom. The corporate world had ...
GitHub

a-shell: A terminal for iOS, with multiple windows

The goal in this project is to provide a simple Unix-like terminal on iOS. It uses ios_system for command interpretation, and includes all commands from the ios_system ecosystem (nslookup, whois, ...
International Business Times

Malicious GitHub Repositories Could Trick AI Coding Agents Into Running Hidden Malware, Researchers Warn

Researchers warn malicious GitHub repositories can trick AI coding agents into running hidden malware through trusted setup steps, risking developer systems and credentials. Google - Gemini A newly ...