The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
Hosted on MSN

AI browsers are here, and they're already being hacked

AI-infused web browsers are here and they’re one of the hottest products in Silicon Valley. But there’s a catch: Experts and the developers of the products warn that the browsers are vulnerable to a ...

OpenAI says AI browsers like ChatGPT Atlas may never be fully secure from hackers—and experts say the risks are ‘a feature not a bug’

Security researchers also previously told Fortune that while a lot of cybersecurity risks were essentially a continuous cat-and-mouse game, the deep access that AI agents need—such as users’ passwords ...

How OpenAI is defending ChatGPT Atlas from attacks now - and why safety's not guaranteed

An 'automated attacker' mimics the actions of human hackers to test the browser's defenses against prompt injection attacks. But there's a catch.