Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
The Hacker News

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...
Infosecurity Magazine

macOS Backdoor Uses Prompt Injection to Evade AI Triage

A North Korea-linked macOS backdoor has been caught hiding a prompt injection that targets malware analyst's AI tools, rather ...
Barron's

Shell PLC

Shell Plc engages in the business of producing oil and natural gas. It operates through the following segments: Integrated Gas, Upstream, Marketing, Chemicals and Products, Renewables and Energy ...
International Business Times

Malicious GitHub Repositories Could Trick AI Coding Agents Into Running Hidden Malware ...

Researchers warn malicious GitHub repositories can trick AI coding agents into running hidden malware through trusted setup steps, risking developer systems and credentials. Google - Gemini A newly ...
How-To Geek on MSN

3 must-have Linux apps to try this weekend (Jun 26-28)

Three tools that fix the terminal annoyances you've stopped noticing.
Reuters

Shell PLC

Energy exploration has picked up sharply in Australia driven by growing Asian gas demand, technological advances and an improved investment climate, with the Iran war underscoring the urgency to ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...