Dark Reading

Cursor Issue Paves Way for Credential-Stealing Attacks

Researchers discovered a security weakness in the AI-powered coding tool that allows malicious MCP server to hijack Cursor's internal browser.
The Register on MSN

Google previews Code Wiki: Can you trust AI to document your repository?

Documenting code can be dull, but explaining the source code of a complex project is hard for AI to get right Google has ...
The Hacker News

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

ClickFix attacks deploy Amatera Stealer and NetSupport RAT through multi-stage phishing tactics across several campaigns.
CSO Online

North Korea’s ‘Job Test’ trap upgrades to JSON malware dropboxes

The long-running Contagious Interview campaign is now hiding BeaverTail and InvisibleFerret payloads inside JSON storage ...

Build Anything With the n8n Code Node : The Secret to Advanced Automations

Learn how to use the n8n Code Node to create custom automations, simplify workflows, and handle advanced tasks with ease.
The Hacker News

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial ...
CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...

An incredibly popular JavaScript library might have some worrying malware issues

A widely-adopted JavaScript library has been found carrying a critical vulnerability which could allow threat actors to ...