The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
The Hacker News

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

An AI-driven worm using a local open-weight LLM autonomously exploited and replicated across 62% of a 33-host test network in ...
Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
Morning Overview on MSN

Hackers are exploiting a maximum-severity bug in a WordPress form plugin on thousands of sites, running their own code with no login required

Thousands of WordPress sites running the Kali Forms plugin are exposed to attackers who can execute arbitrary code on web ...
Lablab.ai

AI Hackathon Success Stories (Part 2): Seven Builders Who Won Hackathons by Making AI Agents Safer

AI hackathon success stories: seven builders who won by making autonomous AI agents safer. OlympusOS, Deals Machine, Kraken ...

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary ...
Tech Times

Cisco Unified CM SSRF Flaw CVE-2026-20230: Public Exploit Code Opens Path to Root

Cisco Unified Communications Manager vulnerability CVE-2026-20230 allows unauthenticated attackers to gain root access via ...
CSO Online

Claude Code has an MCP security problem — and your developers are already using it

The Mitiga disclosure is the most recent, but it is not the first time Claude Code’s configuration model has created a ...