PromptSpy is the first known Android malware to use generative AI at runtime

Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini model to adapt its persistence across different devices.
eWeek

OpenAI Just Showed That AI Can Drain a Crypto Wallet… on Purpose

Codex can exploit vulnerable crypto smart contracts 72% of the time, raising urgent questions about AI-powered cyber offense and defense.

AI-generated passwords are surprisingly easy to crack, researchers find

Security firm Irregular analyzed outputs from tools such as Claude, ChatGPT, and Gemini, and found that many AI-generated passwords appear complex but are actually highly predictable ...

Critical infra Honeywell CCTVs vulnerable to auth bypass flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a critical vulnerability in multiple Honeywell CCTV products that allows unauthorized access to feeds or account ...
SecurityWeek

Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and other attacks.

30 fake AI Chrome extensions caught stealing passwords and more

Security experts have uncovered dangerous Chrome extensions that promise or impersonate AI tools to steal sensitive data.
Android Police

Please stop using Google Password Manager to save your credentials

Each one of our favorite Android phones comes with Google's password manager built in. It offers a convenient and safe way to store your credentials and is much better than relying on your memory to ...
GitHub

Modern password hashing for Python

We use uv to manage the development environment and production build, and just to manage command shortcuts. Ensure they are installed on your system. Your default Git text editor will open so you can ...