The Hacker News

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

UNC4899 breached a crypto firm via AirDrop malware and cloud exploitation in 2025, stealing millions through Kubernetes and Cloud SQL abuse.

Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.
WinBuzzer

New Databricks KARL RAG Agent Promises 33% Cost Reduction vs. Claude Opus 4.6

Databricks has released KARL, an RL-trained RAG agent that it says handles all six enterprise search categories at 33% lower ...
InfoQ

New Research Reassesses the Value of AGENTS.md Files for AI Coding

Despite widespread industry recommendations, a new ETH Zurich paper concludes that AGENTS.md files may often hinder AI coding agents. The researchers recommend omitting LLM-generated context files ...