The Hacker News

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Researchers uncover wormable XMRig campaign using BYOVD exploit and LLM-built React2Shell attacks hitting 90+ hosts.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Unite.AI

Easy Rewording Breaks AI Safety, Even for Gemini and Claude

AI safety tests found to rely on 'obvious' trigger words; with easy rephrasing, models labeled 'reasonably safe' suddenly fail, with attacks succeeding up to 98% of the time. New corporate research ...
i-SCOOP

Manus Agents

Meta has quietly launched its $2 billion acquisition, Manus, as an autonomous AI agent on Telegram. Discover how this "action engine" builds apps, analyzes data, and browses the web for you.

Anthropic releases Claude Sonnet 4.6: Benchmark performance, how to try it

Anthropic's latest flagship model, Claude Sonnet 4.6, is out now.

Claude Sonnet 4.6 delivers frontier-level AI for free and cheap-seat users

Claude Sonnet 4.6 delivers frontier-level AI for free and cheap-seat users ...
Hoodline

AI Agent Attack on Matplotlib Maintainer Rattles Silicon Valley

According to GitHub, the PR was marked as a first-time contribution and closed by a Matplotlib maintainer within hours, as ...