ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...

WebMCP explained: Inside Chrome 146’s agent-ready web preview

WebMCP exposes structured website actions for AI agents. See how it works, why it matters, and how to test it in Chrome 146.

Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files

Researchers say a vulnerability in Perplexity’s Comet AI browser could expose local files and credentials through malicious ...

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.
PCMag

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...
The New York Times

Real Estate

After a decade of renting apartments around the city, a first-time buyer wanted “something a little quieter,” but centrally located. Here’s what he found. By Kristen Millares Young Millennials are ...