ComfyUI servers: Attackers turn instances into a cryptominer proxy botnet

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.
InfoWorld

Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents

The open-source project maps directly to OWASP’s top 10 agentic AI threats, aiming to curb issues like prompt injection, ...
eWeek

Project Glasswing: Anthropic Unites Apple, Google, Microsoft on AI Cybersecurity

Anthropic’s Project Glasswing unites major tech rivals to use Claude Mythos Preview to find and fix critical software vulnerabilities before attackers do.
eWeek

Anthropic’s Claude Blackmail Research Shows a Bigger Agentic AI Risk

Anthropic’s Claude blackmail research found harmful behavior across major AI models under pressure, raising fresh concerns ...

Anthropic’s biggest AI leak yet: How Claude Code spill exposed secrets and sparked chaos

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...
Arabian Post

ComfyUI breach wave targets AI servers

The activity centres on unauthenticated ComfyUI deployments and the platform’s custom node ecosystem, which lets users add ...
The Hacker News

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...