Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Renowned infantry battalion’s senior leaders removed from command pending probe

Spokesperson Andrée-Anne Poulin said Commanding Officer Lieutenant-Colonel Jason Hudson and Chief Warrant Officer Kim Doerr ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

St. Louis police board votes to approve raises for command staff

The proposal would increase salaries for police lieutenants, captains, majors and lieutenant colonels, and calls for raises ...
Morning Overview on MSN

The fake-CAPTCHA trick spreading now asks you to paste a command that installs malware

The Federal Trade Commission issued a consumer alert in June 2026 warning that a new breed of fake CAPTCHA pop-ups is ...

Tampa Bay region emerges as key player in federal policymaking as Florida's influence grows

Each year, federal agencies issue thousands of proposed and final rules with significant economic implications. Companies ...

US-Iran talks begin in Switzerland as Tehran says it closed Strait of Hormuz

Iran said Israel's continued attacks in Lebanon are a breach of Tehran's agreement with the US to end the war.
Telegraph Herald

U.S. slaps new sanctions on Cuban companies key to island's crumbling economy

The U.S. hit Cuban state companies on Tuesday with new sanctions that analysts say are expected to spook foreign investors and deepen a severe economic ...
CPO Magazine

Over 100 AI Coding Agents Taken Over Via New “Agentjacking” Attack

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...

Microsoft discovers new lightweight backdoor that steals cryptocurrency

Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...