Decrypt

DeFi Platform TrustedVolumes Hit by $6.7M Exploit

The liquidity resolver used by multiple DeFi protocols was hit, with DEX aggregator 1inch claiming no impact on its systems.
The Hacker News

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.
The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
CSO Online

Ollama vulnerability highlights danger of AI frameworks with unrestricted access

Dubbed Bleeding Llama, the flaw gives attackers direct access to sensitive data stored in the most popular framework for ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...