The Hacker News

Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability

Island found dormant JavaScript injection paths in Adblock for YouTube, a Chrome extension with 10M+ installs, raising ...

The Accessibility Tree Is How AI Agents Read Your Site & It’s Breaking

The accessibility tree decides whether an AI agent can read and act on your page. The 2026 data says the web is getting ...
Bleeping Computer

Microsoft links Mastra AI supply chain attack to North Korean hackers

Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. This attribution ...

As foreign threats to military land grow, Harford County moves to scrutinize development near Aberdeen Proving Ground

Harford County will now require developers to disclose any involvement with federal foreign investment regulators as part of the development application process — one of the first local measures aimed ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...