All posts tagged: hijacked

How Donald Trump hijacked America’s birthday

How Donald Trump hijacked America’s birthday

It’s a cruel quirk of fate, or maybe just a tragic irony, that we are celebrating America’s semiquincentennial during one of the most surreal periods in American history. We’ve certainly been through tougher economic times, and our latest war in the Middle East is not as ambitious as even the ones we waged earlier in this century. But I don’t think things have ever been as downright strange on both a domestic and global level as they are in the era of Donald Trump. Celebrating the Declaration of Independence under these circumstances is downright phantasmagoric. Perhaps that’s why it doesn’t feel like any kind of celebration as much as an otherworldly requiem for a country that no longer exists.  At 250 years old, the United States is the oldest continuous modern democracy, which is startling when you realize that, by historical standards, we are still a pretty young country. The fact that America is so powerful and has such an outsized influence on the rest of the world is as much a function of its …

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

A single fake error report hijacked Claude Code in controlled testing — the agent ran the attacker’s code with the developer’s full privileges, and not one alert fired. EDR, WAF, IAM, and the firewall all missed it completely. Tenet Security’s June agentjacking disclosure describes a single crafted Sentry error event — sent through a public credential that requires no breach and no authentication — that injected attacker instructions into error data that Claude Code, Cursor, and Codex then executed as trusted diagnostic output. Tenet tested 100-plus targets in controlled conditions and achieved an 85% success rate. Sentry called the flaw “technically not defensible.” he Cloud Security Alliance classified agentjacking as a systemic MCP vulnerability class within days of the disclosure. No credentials were stolen, no policy was violated, no perimeter was breached: every step in the chain was authorized. That is the problem. Tenet identified 2,388 organizations with publicly exposed Sentry credentials that could be used to inject malicious events at scale. The research is proof-of-concept, not confirmed exploitation across all 2,388. But one captured …

Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts, Report Finds

Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts, Report Finds

For the past year, Spotify has been quietly purging tens of thousands of podcasts that advertised illegal online pharmacies. A report released Thursday by Senator Maggie Hassan, ranking member of the Joint Economic Committee, faults the company for acting only after news outlets exposed the content and her office spent nearly a year pressing for answers. None of what it removed was sent to law enforcement, the report says. Spotify reportedly removed more than 57,000 podcast episodes and 3,000 shows, and took enforcement action against 3,500 accounts, all pushing links to illegal online pharmacies advertising opioids, benzodiazepines, and stimulants for sale without a prescription. Nevertheless, the report frames the cleanup as a moderation failure. The report leans on one comparison in particular: Spotify acted against more than 3,500 accounts for drug content in 2025 but fewer than 100 the year before. The committee presents the jump as evidence the company moved only after it came under scrutiny. Spotify offered a different explanation: that its older counts are incomplete because, as it says in the report, …

Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged

Anthropic’s browser agent got hijacked 31.5% of the time before safeguards engaged

Across the frontier labs, the highest prompt injection figures published this spring are Anthropic’s. Point a red-teamer at its newest model in a browser, and the attacker hijacked it 31.5% of the time before safeguards engaged. OpenAI, Google, and Meta never gave security leaders a comparable number to set beside it. That figure looks like a liability. In this comparison, it is the opposite. It’s the one solid piece of ground. Four frontier labs each shipped a prompt injection disclosure, and no two match. Anthropic put 244 pages and four agentic surfaces on the table on May 28. OpenAI reported one surface, connectors. Google moved the subject out of the model card and into a separate safety framework. Meta shipped no closed-model card at all. The Cross-Vendor Prompt Injection Disclosure Grid below maps what each lab tested, what each one measured, and the four places a side-by-side comparison falls apart. A prompt injection hides a malicious instruction in something an agent reads, a web page, a document, or a tool result. One planted line can …

Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall

Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall

Adversaries injected malicious prompts into legitimate AI tools at more than 90 organizations in 2025, stealing credentials and cryptocurrency. Every one of those compromised tools could read data, and none of them could rewrite a firewall rule. The autonomous SOC agents shipping now can. That escalation, from compromised tools that read data to autonomous agents that rewrite infrastructure, has not been exploited in production at scale yet. But the architectural conditions for it are shipping faster than the governance designed to prevent it. A compromised SOC agent can rewrite your firewall rules, modify IAM policies, and quarantine endpoints, all with its own privileged credentials, all through approved API calls that EDR classifies as authorized activity. The adversary never touches the network. The agent does it for them. Cisco announced AgenticOps for Security in February, with autonomous firewall remediation and PCI-DSS compliance capabilities. Ivanti launched Continuous Compliance and the Neurons AI self-service agent last week, with policy enforcement, approval gates and data context validation built into the platform at launch — a design distinction that matters …

Matthew Kelly: ‘Something extinct I’d bring back to life? Wokeness – a good thing that’s been hijacked’ | Life and style

Matthew Kelly: ‘Something extinct I’d bring back to life? Wokeness – a good thing that’s been hijacked’ | Life and style

Born in Lancashire, Matthew Kelly, 75, studied drama at Manchester Polytechnic and acted at the Liverpool Everyman. He moved into TV, presenting Game for a Laugh in the 80s, You Bet! in the 90s and Stars in their Eyes from 1993 to 2004. Having returned to the stage, he received an Olivier award in 2004 for his role in Of Mice and Men in London’s West End. He stars in Waiting for Godot at Glasgow’s Citizens theatre from 20 February to 14 March, then takes the play to Liverpool and Bolton. He has two children and lives in London. What is your greatest fear?Not being able to work. What is the trait you most deplore in yourself?Intolerance. What is the trait you most deplore in others?Intolerance. Aside from property, what’s the most expensive thing you’ve bought?Insurance – it’s such a scam. What is your most treasured possession?My freedom pass. Describe yourself in three wordsFriendly, opinionated, hilarious. What makes you unhappy?Very little. I’m always, “Hello birds, hello trees, aren’t we having a lovely time?” What do you most dislike …

Has Your Work Hijacked Your Life?

Has Your Work Hijacked Your Life?

Over the past couple of decades, there has been an explosion of scientific research into how the workplace impacts our emotional health and our relationships, both at work and outside of it. The findings paint an alarming picture of how deeply work has penetrated into our lives and minds and the damage it is doing, often without us being aware of it. This Is Your Life on Work The number of people experiencing intense work stress in today’s workplace has been at the highest levels recorded for the past five years. In a 2024 American Psychological Association poll, 43% of workers reported high stress, and 67% reported symptoms of burnout. No surprise, then, that thriving at work was also at an all-time low. Intense stress and burnout are serious conditions that pose equally serious threats to your physical health and emotional well-being. They include increased risk of cardiovascular and gastrointestinal disease, diabetes, respiratory infections, anxiety, depression, alcohol and substance abuse, suicide, and general mortality. Activities that pose such severe risks to health and well-being typically …

What we know about the Beckham rift: Wedding dress drama, ‘hijacked’ first dance and birthday snub | UK News

What we know about the Beckham rift: Wedding dress drama, ‘hijacked’ first dance and birthday snub | UK News

Brooklyn Peltz Beckham has addressed his estrangement from his parents in a dramatic social media post, saying he had “remained silent for years”. A lengthy statement shared on the 26-year-old’s Instagram story revealed details about his fallout with parents Sir David Beckham and Lady Victoria Beckham, which had been the subject of public speculation for years. He wrote: “I do not want to reconcile with my family. I’m not being controlled, I’m standing up for myself for the first time in my life.” So what does Brooklyn claim happened between him and his family? Here’s everything you need to know. Brooklyn addresses long-rumoured wedding dress drama Brooklyn married his actress and model wife Nicola Peltz, who is the daughter of American billionaire businessman Nelson Peltz in 2022. It was a lavish April event in Palm Beach rumoured to have cost millions. In the Instagram post shared with his 16 million followers, Brooklyn, who now lives in LA, said there were tensions around the wedding. Image: Brooklyn Beckham and Nicola Peltz in 2022. Pic: Reuters He …