The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
MUO on MSN

My home server finally got a front page worth opening every morning

Homelabs deserve better dashboards.

With Just 1 Click, Researchers Figured Out How to Hijack Microsoft Copilot to Steal Your Data

A recent Microsoft Copilot exploit demonstrates how AI can make existing cybersecurity bugs even more virulent.
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
Bleeping Computer

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. The vulnerability, tracked ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Tech Times

Home Assistant Android 2026.6.2 Beta Patches URI Hijack Risk, Adds Native Barcode Scanner

Home Assistant Android update 2026.6.2 beta patches a URI intent-hijacking vulnerability that could let attackers reach ...
GitHub

A simpler, extendable bidirectional communication Frame between Android WebView and Javascript

Ajax method parameter is a JS object, the object contains type, url, dataType three string parameters, data parameter is an object, success and error is JS callback ...
GitHub

botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...