The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Google report: AI is accelerating cloud cyberattacks, and one weak link stands out

Google report: AI is accelerating cloud cyberattacks, and one weak link stands out ...
AARP

Indiana Is First State to Ban Crypto Kiosks, Citing Their Role in Scams

Now, with strong support from AARP, Indiana lawmakers have banned the machines from operating in the state. While more than a dozen other states have passed legislation regulating the machines, ...
InfoWorld

Why local-first matters for JavaScript

Every developer should be paying attention to the local-first architecture movement and what it means for JavaScript. Here’s ...

Google uncovers iOS exploit kit used in crypto phishing attacks

The Google Threat Intelligence Group says it found an iPhone exploit kit that could crack the device and sniff out crypto wallets, apps and seed phrases to steal funds.
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
Opinion
Security BoulevardOpinion

The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions became enterprise security's weakest link.