Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...

Someone built an x86 CPU emulator using pure CSS, for science

The recently unveiled x86CSS project aims to emulate an x86 processor within a web browser. Unlike many other web-based ...
The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 ...

Anthropic acquires AI startup Vercept to enhance Claude’s computer use features

Vercept’s first investor was a Seattle-based startup incubator called AI2 Incubator. The organization started out as a unit ...

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...

Why more lawmakers are quitting Congress, and what it means for the midterms

Ahead of the midterm elections, a wave of House and Senate members are retiring or running for other offices.
Opinion

The No. 1 item food stamps buy is a travesty. Now states can say no.

The action is simple: The administration is finally allowing states to restrict the purchase of soda, sugary snacks and other junk food with the Supplemental Nutrition Assistance Program (SNAP), more ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
CPO Magazine

Security Research Finds OpenClaw AI Agent “Trivially Vulnerable” to Hijacking

The Oasis researchers document a vulnerability chain that can be initiated from any website the AI agent (or its user) visits ...