The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...

Google GWS CLI Brings Full Workspace Access to AI Agents

Google Workspace CLI adds cross-app command control with pre-built skills; setup needs Google Cloud APIs and an OAuth client in one project.
Visual Studio Magazine

Hands On: Building an MCP Server with VS Code AI Toolkit's New Tool Catalog

Microsoft's AI Toolkit extension for VS Code now lets developers scaffold a working MCP server in minutes. Here's what that looks like in practice -- including the parts that don't work, and a simpler ...
PolitiFact

Social media feeds are awash with Iran war misinformation. Here’s how to identify false imagery

Tal Hagin, an open-source intelligence analyst based in Israel, compiles misinformation and shares his findings on X daily. He said he’s seen people recycling footage of Iranian missile strikes in ...
Hoodline

Dropbox Tip Leads Cops To Infant Abuse Images, Miami-Dade Man Charged

A Miami-Dade man is facing a stack of felony charges after a cloud-storage tip led detectives to what authorities say are graphic images of young girls, including at least one infant. Deputies ...