Hackaday

This Week In Security: Messing With AI, 7Zip And Notepad++ Vulnerabilities, HTTP2 Bomb, And More

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

Scammers are using a fake captcha hack to steal your personal information: ‘Verify you’re human.’ Here’s the big red flag to watch for

Clicking a captcha "I am not a robot" box and identifying images to prove it is second nature for many internet users. Now, ...
Decrypt

What Is an AI Prompt Injection Attack? The Hidden Threat Hijacking Your Chatbots

Hackers can hijack ChatGPT, Claude, and Gemini with nothing but a sentence. OpenAI says the problem may never be fully solved.

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

WordPress malware campaign hides payloads in Steam profiles

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.
The Hacker News

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote ...