CSO Online

Your personal OpenClaw agent may also be taking orders from malicious websites

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without ...

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's ...

Builderius WordPress Page Builder Integrates Claude AI

Builderius page builder announced an experimental AI integration that can read and apply changes directly inside the builder.

Bill Clinton asked about hot tub photo and testifies he knew 'nothing' of Epstein crimes

The former president told the committee that he would never have flown on Epstein's plane if he "had any inkling of what he was doing".
The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and ...
The Indiana Lawyer

IPS adopts new student policy in latest move involving ICE lawsuit from Attorney General Rokita

This story was originally published by Chalkbeat Indiana. The Indianapolis Public Schools board adopted a new policy on student privacy Wednesday in ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
The Indiana Lawyer

Elevance shares slip after insurer discloses suspension warning for Medicare prescription program

The U.S. Centers for Medicare and Medicaid Services alleges the Indianapolis-based health insurer has failed to properly submit required information to federal regulators since 2018.

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...

Hillary Clinton says she 'wants to see truth come out' after finishing Epstein testimony

The former US Secretary of State testifies she "had no idea" of Epstein crimes as she calls for President Trump to be ...