DataBreachToday

Hacking as a Prompt: Malicious LLMs Find Users

The cybercrime-as-a-service model has a new product line, with malicious large language models built without ethical ...
The Hacker News

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

More than 30 security flaws in AI-powered IDEs allow data leaks and remote code execution, showing major risks in modern ...
The Hacker News

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

Command injection attacks on Array AG gateways exploiting DesktopDirect since Aug 2025 prompt JPCERT to urge fast patching.
CSO Online

RCE flaw in OpenAI’s Codex CLI highlights new risks to dev environments

Researchers found that .env files inside cloned repositories could be used to change the Codex CLI home directory path and ...
HealthcareInfoSecurity

Codex Bug Let Repo Files Execute Hidden Commands

OpenAI patched a command injection flaw in its Codex CLI tool that let attackers run arbitrary commands on developer machines ...