The Hacker News

Toxic Combinations: When Cross-App Permissions Stack into Risk

Toxic combinations form when AI agents, integrations, or OAuth grants bridge SaaS apps into trust relationships no single ...

New GoGra malware for Linux uses Microsoft Graph API for comms

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy ...
EDN

How to implement OTA firmware update on MCUs

The design example shows OTA firmware update performed on a microcontroller using the "staging + copy" method.

Open source is not the problem, but its misuse by corporations

Corporations strategically control markets with open-source software. The community participates without realizing that the ...
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...

OpenAI launches ChatGPT Images 2.0, Codex Labs developer training service

OpenAI Group PBC today launched ChatGPT Images 2.0, an upgraded version of the image generator built into its popular chatbot. The company also debuted a new technical training service called Codex ...

Kimi K2.6 runs agents for days — and exposes the limits of enterprise orchestration

Moonshot AI's Kimi K2.6 can run agents for days without human intervention, exposing a critical gap in orchestration ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal ...

OpenAI Beefs Up ChatGPT’s Image Generation Model

The ChatGPT Images 2.0 model is here. Our testing shows it’s better at creating more detailed images and rendering text, but ...

Lovable left AI prompts and user data exposed, one researcher found

A bug allowed access to chat histories, source code, and customer data in public projects. The vibe-coding platform says the ...