- Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injectionby info@thehackernews.com (The Hacker News) on 01/08/2025 at 15:31
Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence (AI) code editor, that could result in remote code execution. The vulnerability, tracked as CVE-2025-54135 (CVSS score: 8.6), has been addressed in version 1.3 released on July 29, 2025. It has been codenamed CurXecute by Aim Labs, which previously disclosed EchoLeak.
- Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accountsby info@thehackernews.com (The Hacker News) on 01/08/2025 at 13:02
Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. "The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign," Proofpoint said in a Thursday report. The
- AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedownby info@thehackernews.com (The Hacker News) on 01/08/2025 at 12:20
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer "advanced license validation and registry optimization utilities for high-performance Node.js applications." It was uploaded to npm by a user named "Kodane" on July 28, 2025. The
- You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Themby info@thehackernews.com (The Hacker News) on 01/08/2025 at 11:00
Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them The junk food problem in cybersecurity Imagine a triathlete who spares no expense on equipment—carbon fiber bikes, hydrodynamic wetsuits, precision GPS watches—but fuels their
- Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacksby info@thehackernews.com (The Hacker News) on 01/08/2025 at 08:44
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based and Domain Name System (DNS)-based, which have been dubbed AK47HTTP and AK47DNS, respectively, by