Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's ...

Princess Polly plans opening at this Central Florida mall

The Gen Z fashion retailer, Princess Polly, plans to open in August at The Mall at Millenia, which has added multiple brands ...

Solidigm plants billboard on Highway 101 as AI demand lifts storage business

Xin Guo, co-CEO of Solidigm, speaks during an event marking the opening of the company’s San Jose office on Feb. 24. The ...
SecurityWeek

Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and ...

Bill Clinton testifies about hot tub photo in Epstein deposition

Former President Bill Clinton testified about a hot tub photo from the Epstein files, denying knowledge of the photo or sexual activity.

Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...

Hillary Clinton testified in Epstein probe. Here's what to know

Hillary Clinton testified in the House Oversight committee's probe into Jeffrey Epstein. Here are the moments you should know about.
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data theft.

AI Agents Broke Your Security Stack. Here’s What Comes Next

Shreyans Mehta is the cofounder and CTO of Cequence Security, a pioneer of unified application and API protection.

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 ...