TechRepublic

GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’

GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’ Your email has been sent A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and ...
The Hacker News

Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks

The vulnerability, tracked as CVE-2025-11953, carries a CVSS score of 9.8 out of a maximum of 10.0, indicating critical severity. It also affects the "@react-native-community/cli-server-api" package ...

New AI browsers boast hands-free browsing — but are vulnerable to dangerous ‘prompt injections.’ Here’s how to stay safe

They’re smart, fast and convenient — but AI browsers can also be fooled by malicious code. Here’s what to know before you try ...
Yahoo Finance

'CopyPasta' Attack Shows How Prompt Injections Could Infect AI at Scale

Hackers can now weaponize AI coding assistants using nothing more than a booby-trapped license file, turning developer tools into silent spreaders of malicious code. That’s according to a new report ...
Bleeping Computer

Heavily used Node.js package has a code injection vulnerability

A heavily downloaded Node.js library has a high severity command injection vulnerability revealed this month. Tracked as CVE-2021-21315, the bug impacts the "systeminformation" npm component which ...