Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Israel attacks presidential office in Tehran as reported death toll in Iran rises to 787

One person inside Iran says "every part" of the capital has been hit. Elsewhere, Israel says ground troops will advance in ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
The Caledonian-Record

'Severe blow' dealt to Iran command centres: latest developments

Israel's army said the joint attacks carried out with the United States had dealt a severe blow to Iran's command and control ...

Israel launches fresh strikes on Tehran and Beirut as US warns 'hardest hits' on Iran 'yet ...

Drones strike the American embassy in Saudi Arabia and Iran claims to have "destroyed" a building at a US air base in Bahrain ...

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's ...

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...

US warns of Iranian attack on Saudi oil city as Trump tells Tehran it's 'too late' to talk

The US consulate in Dhahran - where Saudi oil giant Aramco is based - urges people to shelter. Elsewhere, the UK deploys "a ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...