DryRun Security Finds Over 80% of Large Language Model Application Risks Go Undetected by Traditional Code Scanners

DryRun Security, the industry's first AI-native, code security intelligence company, today announced analysis of the 2025 OWASP Top 10 for LLM Application Risks. Findings show that legacy AppSec ...

AI Browsers Face A New Kind Of Attack, And It Puts Your Privacy At Risk

Despite promises of ease and convenience, so-called AI browsers remain a horror-show of ever-growing security vulnerabilities ...

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts ...
The Hacker News

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

More than 30 security flaws in AI-powered IDEs allow data leaks and remote code execution, showing major risks in modern ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...
The Hacker News

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Storm-0249 now employs ClickFix, fileless PowerShell, and DLL sideloading to gain stealthy access that enables ransomware ...
Infosecurity Magazine

ClickFix Social Engineering Sparks Rise of CastleLoader Attacks

A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware ...