The Hacker News

Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants

Four DifyTap flaws could expose private AI chats and files across Dify tenants; three are fixed in version 1.14.2.
Decrypt

This AI Agent Survived 6,000 Hack Attempts—Here’s How

Developer Fernando Irarrázaval's AI agent experiment drew over 6,000 hack attempts from more than 2,000 attackers. No one ...

Enterprise-grade AI image generation in 2 seconds is here: Krea 2 Raw and Turbo available as open weights under custom license

Because Krea relinquishes centralized control over the downstream deployment of its open weights, the contract legally binds ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Developer Tech

ONLYOFFICE Docs Developer: Secure document editing in your own app

Secure document editing in your own app. ONLYOFFICE Docs Developer equips web applications with secure, latency-free document ...
Dark Reading

DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories

Four vulnerabilities allow attackers to exploit Dify, a platform for AI application building and management, to silently ...

CSI Launches Open Integration Hub, Giving Community Banks Transparency and Control Over Fintech Integrations

New self-service platform streamlines how banks manage, monitor, and govern fintech connectionsPADUCAH, Ky.--(BUSINESS WIRE)- ...
Tech Times

ChatGPT Enterprise Gains Slack Write Access: AI Agent Can Now Join Channels, Upload Files

ChatGPT Enterprise Slack integration gained write-scope connector actions on June 22 — joining channels, uploading files, ...

Your enterprise AI agents should automatically remember which model is right for which task. Mindstone built the capability with Rebel

The marquee features are its simplicity and extensive customizability to fit any given team, no matter how unique or specific the workflows, all based around the common, open source standard file ...
XDA Developers on MSN

Strava killed its free API, so I built my own fitness platform with Endurain and FitPub instead

I ditched Strava after its API shutdown and found something better: a self-hosted fitness database that actually respects ...

Microsoft further improving Windows 11 Taskbar with latest builds

Microsoft has released new Windows 11 Experimental channel builds under 26300.8758, 28120.2374, and 29617.1000. They bring ...
SecurityWeek

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Amazon Q vulnerability could allow attackers to steal developer cloud credentials by luring them into opening a booby-trapped ...