The Hacker News

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...

MIT’s new ‘recursive’ framework lets LLMs process 10 million tokens without context rot

While standard models suffer from context rot as data grows, MIT’s new Recursive Language Model (RLM) framework treats ...
Coinspeaker

Chainalysis Launches No-Code Automation Workflows For Blockchain Intelligence

Chainalysis launches Workflows, a no-code tool automating blockchain data analytics without requiring SQL or Python expertise.

As if LinkedIn messages couldn't get any worse, hackers are using them to install malware on people's PCs

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...
eWeek

Emergent Launches Vibe Coding Platform After $23M Raise

The firm is explicitly targeting small business owners, aspiring founders, and creators who may not have access to ...
SecurityWeek

Chainlit Vulnerabilities May Leak Sensitive Information

Vulnerabilities in Chainlit could be exploited without user interaction to exfiltrate environment variables, credentials, ...
Decrypt

Elon Musk’s X Open-Sources Grok-Powered Algorithm Driving 'For You' Feed

The social media platform has taken a step towards transparency amid ongoing battles over platform spam and non-consensual AI ...
CSO Online

CrashFix attack hijacks browser failures to deliver ModelRAT malware via fake Chrome extension

A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...
CSO Online

Flaws in Chainlit AI dev framework expose servers to compromise

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow ...
Dark Reading

'CrashFix' Scam Crashes Browsers, Delivers Malware

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a ...

Fake ad blocker extension crashes the browser for ClickFix attacks

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the ...