The Hacker News (Security) Articles

Updated 2 min ago · 7 articles from The Hacker News (Security)

The Hacker News (Security) 22 hr ago

Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants

Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial int...

The Hacker News (Security) 1d ago

⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More

A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irrit...

The Hacker News (Security) 2d ago

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

Scanners meant to catch malicious add-on "skills" for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a n...

The Hacker News (Security) 4d ago

New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It...

The Hacker News (Security) 6d ago

Identity Lifecycle Management Wasn't Built for AI Agents 

Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As au...

The Hacker News (Security) 6d ago

AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team call...

The Hacker News (Security) 6d ago

AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-ma...