The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.
The Hacker News

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

DNS flaw in Amazon Bedrock and critical AI vulnerabilities expose data and enable RCE, risking breaches and infrastructure ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
Circuit Digest

LiteWing Python Library - Quick Start Guide and API Documentation

Clone the LiteWing Library repository from GitHub using the following command: ...
GitHub

A Python 3 to Deno + worker-vm binding, helps you execute JavaScript safely.

The module launches a Deno REPL server, which can be communicated with JSON. All JavaScript code are encoded in JSON and sent to the server. After the server executing the code in vm, the result is ...
GitHub

Python scripting plugin for After Effects

Directly edit data on After Effects with Python scripts Enabled to use classes and functions with the same names as After Effects default scripts (ExtendScript, JavaScript) ...
Gizmodo

Meta Exec Learns the Hard Way That AI Can Just Delete Your Stuff

AI can get you to Inbox Zero very easily: it’ll just delete all of your messages. Over the weekend, Summer Yue, the director of safety and alignment at Meta’s superintelligence lab, posted on Twitter ...
IEEE

XShellGNN: Cross-file Web Shell Detection Based on Graph Neural Network

Abstract: In the ever-evolving digital landscape, the complexity of web technologies has significantly increased. This complexity highlights the limitations of traditional web defense mechanisms in ...