The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

ComfyUI servers: Attackers turn instances into a cryptominer proxy botnet

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.
XDA Developers on MSN

I built 3 Python apps with Claude Code that actually saved me time

Reclaiming my time, one prompt at a time ...

‘Anti-Al’ attacker who tried to murder OpenAI CEO Sam Altman found ChatGPT ‘awesome’ because…

Accused Molotov cocktail thrower Daniel Moreno-Gama, once a ChatGPT fan for 'cheating,' turned AI 'hater' after reading critics like Eliezer Yudkowsky. He joined peaceful activism groups like PauseAI, ...
Analytics India Magazine

New Research Finds Seven ‘Deadly’ Vulnerabilities in AI Benchmarks

A team of researchers from UC Berkeley have demonstrated that eight AI agent benchmarks can be manipulated to produce ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Pennsylvania Uber Driver Finds Live Python in Trunk After Passengers Drop Their 'Bag Contents' During Ride

The driver found the reptile the morning after a ride from a Philadelphia reptile show. Police say the snake was safely ...

Army uses landmine-hunting drones for first time

The Army has successfully tested a new landmine-hunting drone. The aerial drone uses AI to spot and identify explosives ...
eWeek

Anthropic's Opus 4.7 Sets a New Benchmark Bar

Claude Opus 4.7 is Anthropic's newest flagship model, boasting a jump to 64.3% on SWE-bench Pro (a brutal test of fixing real ...

Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds

How mature is your AI agent security? VentureBeat's survey of 108 enterprises maps the gap between monitoring and isolation — ...
Arabian Post

ComfyUI breach wave targets AI servers

The activity centres on unauthenticated ComfyUI deployments and the platform’s custom node ecosystem, which lets users add ...