The Hacker News

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Five malicious Rust crates and an AI bot exploited CI/CD pipelines and GitHub Actions in Feb 2026, stealing developer secrets ...

Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.

An AI Agent Broke Into McKinsey’s Internal Chatbot and Accessed Millions of Records in Just 2 Hours

A red-team experiment found an AI agent could autonomously exploit a vulnerability in McKinsey’s internal chatbot platform, exposing millions of conversations before the issue was patched.

SAP Patch Day: NetWeaver vulnerability allows code injection

In March, SAP addresses partly critical security vulnerabilities in various products in 15 advisories. Admins must act.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Fake Claude Code Spreads Malware to Windows, macOS Users

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows and macOS systems.

Claude AI discovered 22 Firefox flaws. Here's how many it figured out how to exploit.

AI tools are getting better at cybersecurity.