The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

OpenClaw AI agent found falling for phishing attacks, spills user data

Phishing simulation on an OpenClaw email agent with various configuration profiles showed that it was susceptible to tactics ...

Lifesight Launches MCP to Bring Unified Marketing Measurement Directly Into Claude and ChatGPT

New connector eliminates the analyst bottleneck, empowering CMOs and finance leaders to query live causal models, generate ...

Zip’s new AI agents want to stop your finance team from uploading contracts into personal ChatGPT accounts

Zip launches AI superagents and procurement-focused MCP tools to help enterprises automate purchasing, govern ChatGPT and ...

New phishing scam targets Microsoft Outlook and Teams users

The FBI is warning Microsoft 365 users about a new scam that steals digital keys to hack your Outlook or Teams without a password.
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
Tech Times

Microsoft 365 Phishing Kit Kali365 Bypasses MFA: FBI Warns Hundreds of Organizations Targeted

Microsoft 365 phishing attacks now bypass MFA entirely: a criminal subscription service called Kali365 tricks users into granting account access through legitimate Microsoft login pages, letting ...

Apple’s 2026 Security Events: iPhone Exploits, Zero-Days Put Millions at Risk

Apple’s 2026 security year includes zero-days, iPhone exploit kits, WebKit fixes, and background patches that users and IT ...

PRNews OU: Lifesight Launches MCP to Bring Unified Marketing Measurement Directly Into Claude and ChatGPT

Lifesight, the agentic unified marketing measurement platform, today announced the launch of Lifesight MCP. This innovative connector, built on ...
NPR

Ukraine invasion — explained

The roots of Russia's invasion of Ukraine go back decades and run deep. The current conflict is more than one country fighting to take over another; it is — in the words of one U.S. official — a shift ...