Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
techtimes

Open-Source Coding Model Ornith-1.0 Writes Its Own Training Scaffold in Reinforcement Learning

DeepReinforce today released Ornith-1.0, a family of open-source coding models built around a mechanism most RL-trained agents avoid: the model itself writes the training harness that guides its own ...

The maker of ChatGPT wants to make open-source projects less of a security bargain

As AI tools flood open-source maintainers with low quality bug reports, OpenAI's new Patch the Planet initiative aims to filter out the noise and fix real threats.
CSO Online

Klue breach exposed Salesforce CRM data through stolen OAuth tokens

An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce ...
latesthackingnews.com

Reverse Shell Explained: Setup, Attack Chain, and Detection

A reverse shell makes the target machine initiate the connection back to the attacker, bypassing firewalls that only filter ...
The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...
latesthackingnews.com

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

I've reviewed every PDF editor out there - then I had ChatGPT build me a better one

The smartest way to use AI may not be letting it interact with your files, but asking it to write software that handles them ...
jagranjosh.com

CBSE Class 11 Computer Science Syllabus for Board Exam 2026-27, Download Free PDF Here

Access the official CBSE Class 11 Computer Science (Subject Code 083) syllabus and evaluation blueprint for the 2026-2027 academic year. Review unit-wise marks distributions, complete Python ...
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...
UPI

South Korea warns North Korea using autonomous hacking AI

June 10 (Asia Today) --Artificial intelligence is reshaping the cybersecurity battlefield, South Korea's spy agency warned, saying North Korean hacking groups are moving toward autonomous attacks that ...
CoinDesk

Humanity Protocol token crashes more than 80% after a $32 million private-key hack

Humanity Protocol’s H token plunged more than 80 percent after attackers stole private keys tied to the project and drained over $30 million from at least 17 wallets. The thief has been dumping stolen ...