frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

Open in hackernews

More than 1,500 AI projects are now vulnerable to a silent exploit

5•mykytamudryi•8h ago
According to the latest research by ARIMLABS[.]AI, a critical security vulnerability (CVE-2025-47241) has been discovered in the widely used Browser Use framework — a dependency leveraged by more than 1,500 AI projects.

The issue enables zero-click agent hijacking, meaning an attacker can take control of an LLM-powered browsing agent simply by getting it to visit a malicious page — no user interaction required.

This raises serious concerns about the current state of security in autonomous AI agents, especially those that interact with the web.

Comments

Proofread0592•8h ago
Here's the issue on the github advisory database with an example

https://github.com/advisories/GHSA-x39x-9qw5-ghrf

> The core issue stems from the line domain = domain.split(':')[0], which allows an attacker to manipulate basic authentication credentials by providing a username:password pair. By replacing the username with a whitelisted domain, the check can be bypassed, even though the actual domain remains different.

So consider https://example.com:pass@google.com

This URL goes to google.com (paste it in your browser to see), but the library will consider this a URL that goes to example.com, which it doesn't.

Ask HN: Do you have a side project you're getting tired of?

15•gdulli•9h ago•10 comments

AskHN: Best, simplest platform to run a Technical Interview on?

3•marche101•3h ago•2 comments

Ask HN: Conversational AI to Learn a Language

77•edweis•5d ago•58 comments

Ask HN: How do you promote your personal projects with a limited budget?

119•javafactory•1d ago•86 comments

We sold our first AI agent to a legacy industry–now we're stuck. Help us Advice?

9•goldmanX•13h ago•12 comments

Ask HN: Places in the UK / Europe Related to computers

7•sailorganymede•18h ago•7 comments

Ask HN: Agent / workflow frameworks or roll your own?

4•dennisy•9h ago•0 comments

Ask HN: How to Make Friendster Great?

84•ca98am79•1d ago•124 comments

Ask HN: What makes a programming language great for code generation?

3•keithasaurus•11h ago•3 comments

I spent 15 years developing a tool to make sense of software version numbers

30•a1tern•2d ago•5 comments

Ask HN: Pros and cons of offering a self-hosted version of your SaaS?

12•DavyCreddy•1d ago•4 comments

I'm Peter Roberts, immigration attorney, who does work for YC and startups. AMA

255•proberts•6d ago•453 comments

Tell HN: Mozilla is preparing to remove bookmark keywords

13•RheingoldRiver•8h ago•2 comments

Ask HN: Engineering Statics and Dynamics book recommendation

7•areoform•1d ago•2 comments

Ask HN: Where to find UX design resources?

11•bindd•2d ago•6 comments

Modern Python Boilerplate – good package basic structure

7•lambda-science•1d ago•0 comments

More than 1,500 AI projects are now vulnerable to a silent exploit

5•mykytamudryi•8h ago•1 comments

Ask HN: How are you using LLMs for research on a library of journal articles?

3•jopizio•1d ago•0 comments

What If Every Picture You've Ever Seen Already Exists?

17•cin4ed•2d ago•27 comments

Tell HN: Chrome Slows Down on Hacker News on My High-End Windows 11 PC

2•sss111•7h ago•0 comments

Tell HN: The Hetzner Experience - Invisible Outages

34•AmazingTurtle•2d ago•12 comments

Ask HN: Don't You Mind That LLMs Are Mostly Proprietary?

18•dakiol•3d ago•18 comments

Built an AI Tool? List It for Free on Aisofto.com

6•rahulbstomar•1d ago•0 comments

Ask HN: Does the languages we speak affect the way we think?

7•Genius_um•2d ago•20 comments

Is this necassary to fail at first time? No money with 280 Users

3•gurpreet_codes•1d ago•5 comments

Big Beautiful Bill R&D Tax: Will tech go on a hiring spree again?

20•jbverschoor•3d ago•19 comments

Ask HN: Anyone working in traditional ML/stats research instead of LLMs?

21•itsmekali321•6d ago•11 comments

How to Fix the Gaming Industry

3•azyLum•2d ago•10 comments

Ask HN: Do people actually pay for small web tools?

58•scratchyone•4d ago•65 comments

Ask HN: When do you just give up and ship it?

16•90s_dev•3d ago•14 comments