Tech Times

npm Supply Chain Attack: North Korea Backdoored 144 AI Packages in 88 Minutes

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
PC Magazine

Google Photos Just Made It Way Easier to Securely Export Your Entire Library

Google already lets you export your entire Photos library with Google Takeout. However, that takes a lot of time, data, and storage, so Google is making it easier to move pics at regular intervals.
Dark Reading

Google API Keys Remain Active After Deletion

Google API keys aren't completely inactive after users delete them, giving attackers a small but significant window to continue abusing them. Joe Leon, researcher at Belgian startup Aikido Security, ...
Mashable

Google’s new ‘Pixel Screenshots’ can search your screenshot library — and it’s the most useful AI feature of 2024

You, like myself, likely have a massive library of screenshots that includes everything from funny social media posts and saved order confirmations. Google walked me through how the Screenshot app ...
cybernews

Google Cloud developers going bankrupt over Gemini API key abuse: hard spending caps now available

Developers and startup founders on social media are sharing stories of being hit with devastating Google Cloud charges totaling dozens of thousands of dollars due to unauthorized Gemini API usage.
Forbes

Google Photos Changes Again: Leaked Update Redesigns Your Library

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Google Photos could soon see a radical redesign of the Collections tab, according to a new ...
Forbes

Google Starts Scanning All Your Photos As New Update Goes Live

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. All your photos are now in play. Updated on Apr. 20 with additional analysis on Google’s new ...
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...
MacRumors

Gemini in Google Chrome Gets a Skills Library for Saving Custom AI Prompts

Chrome has been updated today with a Skills library that's designed to let Chrome users turn AI tasks into repeatable skills that can be used on any website. Useful prompts you create for Gemini in ...