Worrying open-source security issue 'BadHost' could affect millions of AI agents

The risk is "materially understated", researchers are saying as passwords and critical data can be exfiltrated.
Hackaday

Web-Based Control For A CB Radio

There was a time when a CB radio was a simple affair: a small box with a channel selector, volume, and squelch controls. No ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
The Hacker News

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...
InfoWorld

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...
The Hacker News

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

VerdantBamboo used BRICKSTORM, PLENET, and AGENTPSD after an 18-month breach, enabling stealthy Linux appliance access.

Fritz SmartEnergy 250: PV battery control via emulation

If you use batteries with a balcony power plant, you can control them according to your needs. Can Fritz SmartEnergy 250 ...

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

TypeScript devs no longer need to tangle with C# to use Aspire dev stack after Microsoft update

Aspire is a powerful tool for developers but not well understood – and pure TypeScript AppHost may broaden its appeal ...
XDA Developers on MSN

I finally built the central AI hub I've been wanting, and Open WebUI made it stupidly simple

I connected Open WebUI to my local LLMs, AI tools, and MCP servers, and my setup finally feels finished ...

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and ...
RedShark News

Frame.io update: Japanese support, Firefly and SDK updates

Frame.io adds Japanese language support, Adobe Firefly asset integration, zero-click Premiere sign-in, and updated Python and TypeScript SDKs for V4.