The Hacker News

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

UNC4899 breached a crypto firm via AirDrop malware and cloud exploitation in 2025, stealing millions through Kubernetes and Cloud SQL abuse.
eWeek

OpenAI Acquires Cybersecurity Startup Promptfoo to Strengthen AI Agent Security

OpenAI is acquiring Promptfoo to strengthen AI agent security, adding enterprise testing tools for jailbreaks, prompt injections, data leaks, and governance.
CSO Online

Devs looking for OpenClaw get served a GhostClaw RAT

GhostClaw poses as an OpenClaw installer package, stealing system credentials and sensitive data before deploying a persistent RAT.