Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

If you wanted to steal local files from someone using Perplexity's Comet browser, until last month you could just schedule ...
GitHub

A desktop app for viewing large JSON files.

Janice is a desktop app for viewing large JSON files. It's key features are: To run Janice just download and unzip the latest release to your computer. Janice ships as a single executable file that ...
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...
InfoQ

OpenAI Codex-Spark Achieves Ultra-Fast Coding Speeds on Cerebras Hardware

In a major shift in its hardware strategy, OpenAI launched GPT-5.3-Codex-Spark, its first production AI model deployed on ...
Appuals

How to Fix OneNote Not Responding, Freezing Issue?

When OneNote shows "Not Responding", it usually means the app is stuck during a task (syncing, loading a large notebook, ...

Xcode with vibecoding AI agents to help build apps is now available

Apple has released Xcode 26.3 with support for autonomous coding agents, that can directly analyze projects, modify files, ...

Anthropic acquires AI startup Vercept to enhance Claude’s computer use features

Vercept’s first investor was a Seattle-based startup incubator called AI2 Incubator. The organization started out as a unit ...
The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 ...
OfficeChai

Cloudflare Says It Used AI To Rebuild Next.js In 1 Week For $1,100

AI isn’t just helping out with coding — it’s helping complete entire projects at a pace and price-point that would’ve been unthinkable ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Control Global

New virtualization tools keep sprouting

Just like algae blooms in the ocean and pollen in the spring, there’s been an explosion in the past year or two of new software, related tools and lingo from the IT and mainstream/consumer side. Some ...