The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services ...
Bleeping Computer

CISA says hackers breached federal agency using GeoServer exploit

CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. While the ...
MIT Technology Review

AI models are using material from retracted scientific papers

Some companies are working to remedy the issue. Some AI chatbots rely on flawed research from retracted scientific papers to answer questions, according to recent studies. The findings, confirmed by ...
CSOonline

AI-powered phishing scams now use fake captcha pages to evade detection

Attackers are exploiting low-code AI platforms such as Vercel, Netlify, and Lovable to rapidly build phishing sites that look legitimate, trick users, and bypass automated security tools. In an ...