‘AI’ could dox your anonymous posts

Researchers were able to accurately nail down identities for "anonymous" posts from Reddit, Hacker News, and more.

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...
SecurityWeek

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...
Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek.

Epstein files reveal the power – and peril – of online sleuths doing the government’s work

A large release of important documents once meant teams of journalists staying back, working through piles of records late into the night. Today, it triggers something closer to a public audit. The ...
Decrypt

Before You Quit ChatGPT, Do This to Take Your Data With You

The QuitGPT movement has passed 2.5 million pledges. Before you delete ChatGPT, here is every step to take so your data doesn't stay behind.
PCMag on MSN

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.