SecurityWeek

Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and exfiltrate data.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages ...

Cursor is rolling out a new kind of agentic coding tool

Called Automations, the new system gives users a way to automatically launch agents within their coding environment, triggered by a new addition to the codebase, a Slack message, or a simple timer.
CoinDesk

AI tool catches critical XRP Ledger bug that could have drained wallets

The vulnerability in the Batch amendment's signature validation was found during the voting phase and never reached mainnet, ...

Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure

Endor Labs launches AURI, a free security platform that embeds directly into AI coding assistants like Cursor and Claude to catch vulnerabilities in AI-generated code before they ship to production.
Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek.