Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...
Security Boulevard

5 Capabilities of Workload Access Managers – And Why WAM Isn’t WIM

Legacy IAM can't govern autonomous AI agents that spin up, execute and terminate in seconds. New identity patterns are now emerging. The post 5 Capabilities of Workload Access Managers – And Why WAM ...

Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents

With model devs pushing more aggressive rate limits, raising prices, or even abandoning subscriptions for usage-based pricing ...
SecurityWeek

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.

The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...
Cybernews

One tiny exploit gives full Linux access: all kernels since 2017 are vulnerable

The critical "Copy Fail" bug (CVE-2026-31431) affects all Linux kernels since 2017, allowing unprivileged local users to gain ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install backdoors.
KOIN 6

Ex-Adidas exec files lawsuit, claims gender discrimination and retaliation

PORTLAND, Ore. (KOIN) – A former Adidas executive is suing the company, alleging gender discrimination and retaliation. Lindsay Gregg, who was Adidas’ head of women’s basketball marketing, is seeking ...
Fox News

Iran to execute first female protester tied to anti-regime unrest

Iran is set to execute its first female protester tied to the January 2026 uprising in Tehran, according to multiple human rights organizations. Bita Hemmati was named in a collective death sentencing ...