SecurityWeek

Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers

OpenAI recently patched a Codex CLI vulnerability that can be exploited in attacks aimed at software developers.
The Hacker News

Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

Malicious npm package mimics an ESLint plugin, embeds an AI-tricking prompt, and steals environment variables via a ...

Anthropic study says AI agents developed $4.6M in smart contract bugs

Researchers showed that off-the-shelf AI models can independently craft multimillion-dollar smart contract exploits, and the economic barrier to launching these attacks is dropping sharply.