Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with running a seemingly benign GitHub repository could execute a malicious payload that is ...
Under the Radar

Deep Sea Diver

Deep Sea Diver’s sound has always been trademarked by a sense of weightlessness. Even when the going got tough, singer/guitarist Jessica Dobson’s deft delivery carried an expansive light-touch. And on ...
Tech Times

AI Deep Research Flaw: Single Reddit Comment Steers Consumers to Scams

Cornell Tech researchers found that a 13-word Reddit comment can cause ChatGPT and Gemini to recommend fake products, ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.