The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
GitHub

DeepCode: Open Agentic Coding

We evaluate DeepCode on the PaperBench benchmark (released by OpenAI), a rigorous testbed requiring AI agents to independently reproduce 20 ICML 2024 papers from scratch. The benchmark comprises 8,316 ...

How AI coding agents work—and what to remember if you use them

At the core of every AI coding agent is a technology called a large language model (LLM), which is a type of neural network ...
CSO Online

Webrat turns GitHub PoCs into a malware trap

The known RAT aimed at gamers is now targeting security professionals searching GitHub for PoCs and exploit codes.
GitHub

bethington/cheat-engine-server-python

This server operates in READ-ONLY mode for safety. It can read and analyze memory but cannot modify it. All operations are logged for security auditing.
The Hacker News

Researcher Uncovers 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate ...