The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Google and iVerify reveal government-grade iPhone exploit kit spreading to hackers

Google and iVerify have shared details about Coruna, an exploit kit that chains multiple vulnerabilities to target iPhones ...
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...

What Is ActiveX? How It Works and Ensures Computer Security

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.
TechRound

Scammers Are Using Fake Google Security Checks To Steal User Passwords, Reports Find

A website styled to look like a Google Account security page is distributing what Malwarebytes describes as one of ...
PCMag Australia

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.
MIT Technology Review

The Download: an AI agent’s hit piece, and preventing lightning

Scott Shambaugh didn’t think twice when he denied an AI agent’s request to contribute to matplotlib, a software library he helps manage. Then things got weird.

This Scam Impersonates the Official Claude Code Website to Spread Malware

InstallFix delivers an infostealer to your device.

India's cyber security agency has issued security alert for Google Chrome browser: Check if you are affected and how to fix it

CERT-In has issued a high-severity warning for Google Chrome users, citing vulnerabilities that could allow remote code execution. The advisory urges users to update their browser to the latest ...
CNET

You Can Download iOS 26.4 Developer Beta 4 on Your iPhone Right Now

Apple's iOS 26.4 beta adds AI-generated Apple Music playlists, early testing for encrypted RCS messaging and a new setting to tone down iOS 26's brighter visual effects. With more than a decade of ...

eBaseball PRO SPIRIT: Free to Play, Platforms and How to Download

Baseball season always brings surprises, and this year, Konami decided to add its own curveball by quietly releasing a brand-new baseball game out of nowhere. No long marketing build-up — just a ...
SecurityWeek

Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign

A newly discovered InstallFix campaign relies on malicious commands on cloned installation webpages to trick victims into installing malware.