Another 1-click admin account takeover in pewdiepie's AI tool (language in video nsfw)
Summary
A security vulnerability allowing 1-click admin account takeover has been discovered in PewDiePie's AI tool.
Similar Articles
Just found a 1-click RCE in pewdiepie's Odysseus Chat
A researcher discovered a 1-click remote code execution vulnerability in PewDiePie's Odysseus Chat and is submitting a PR to fix it.
(YT) PewDiePie released his harness/webui
PewDiePie released a self-hosted AI workspace Odicus, emphasizing privacy and data ownership, integrating a full suite of tools including agents, email, deep research, document editing, etc.
A Roblox cheat and one AI tool brought down Vercel's platform
A Roblox cheat infected a Context.ai employee with Lumma Stealer, which led to compromised OAuth credentials being used to breach Vercel's internal systems, exposing non-sensitive environment variables and highlighting risks of broad AI tool OAuth permissions.
Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts
Hackers exploited Meta's AI support chatbot to steal high-value Instagram accounts by tricking it into account recovery, highlighting the dangers of AI agents with elevated permissions. Accounts with MFA were not compromised.
The Meta hack shows there’s more to AI security than Mythos
Attackers exploited Meta's AI customer support agent to hijack Instagram accounts by simply asking it to change linked email addresses, highlighting that AI agent vulnerabilities can be as dangerous as advanced AI hacking threats.