Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and ...
The Hacker News

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...

Supabase raises $500M as AI coding tools drive ‘phenomenal’ growth

The round comes just eight months after Supabase closed on its Series E and means it has now raised over $1 billion in total ...
CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...
diginomica

Determinism all the way down – how UiPath's market bet and the engine beneath it turn out to be the same idea

UiPath cofounder and CEO Daniel Dines goes deep on the machinery under the platform – the Temporal engine that lets an ...
Tech Times

AI vs AI Cybersecurity: Sysdig Documents First LLM-Agent Intrusion in the Wild

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
Tech Times

llama.cpp GGUF Parser Flaws: Critical Integer Overflow Enables Arbitrary Reads in Every Local AI Stack

GGUF parser vulnerabilities disclosed May 15, 2026 include a critical integer overflow that lets any malicious model file ...
GitHub

Revitalizing Convolutional Network for Image Restoration

All resulting images and pre-trained models are available in the provided links. 11/26/2024 Code for real haze and haze4k are released. 07/22/2024 We release the code for dehazing (ITS/OTS), desnowing ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.