Polish intelligence warns hackers attacked water treatment control systems

/in

The agency did not publicly attribute the incidents to a specific group or country but said Poland faced intensified hostile cyber activity in 2024 and 2025, “with particular emphasis on the special services of the Russian Federation.”

The Record from Recorded Future News – ​Read More

AI Coding Agents Could Fuel Next Supply Chain Crisis

/in

“TrustFall” attack shows how AI coding agents can be manipulated into launching stealthy supply chain compromises.

The post AI Coding Agents Could Fuel Next Supply Chain Crisis appeared first on SecurityWeek.

SecurityWeek – ​Read More

‘TrustFall’ Exposes Claude Code Execution Risk

/in

Researchers find malicious repositories can trigger code execution in Claude Code with minimal or no user interaction.

darkreading – ​Read More

World’s First AI-Driven Cyberattack Couldn’t Breach OT Systems

/in

The most sophisticated AI-integrated campaign to date hit a brick wall in the form of a SCADA login screen.

darkreading – ​Read More

10 secret Netflix codes I use to find hidden movies – try them now

/in

Netflix codes make it easy to find buried genres and micro-categories. Here’s how to use them – and my favorite ones.

Latest news – ​Read More

Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack

/in

Attackers could inject prompts into a GitHub issue and take over the AI agent designed to automatically triage the issue.

The post Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack appeared first on SecurityWeek.

SecurityWeek – ​Read More

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams

/in

Scammers are hiding invisible text inside phishing emails to manipulate AI-powered email filters and increase the chances of scams reaching inboxes.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

Thousands of Vibe-Coded Apps Expose Corporate and Personal Data on the Open Web

/in

Companies like Lovable, Base44, Replit, and Netlify use AI to let anyone build a web app in seconds—and in thousands of cases, spill highly sensitive data onto the public internet.

Security Latest – ​Read More

Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion

/in

Dragos has published a report describing how threat actors used Claude AI in an attack on a water and drainage utility in Mexico.

The post Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion appeared first on SecurityWeek.

SecurityWeek – ​Read More

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

/in

A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems.
vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host

The Hacker News – ​Read More