I hacked my own computer using OpenClaw and it was terrifyingly easy

Agentic AI tools like OpenClaw promise powerful automation, but a single email was enough to hijack my dangerously obedient ...

Researchers hacked Moltbook's database in under 3 minutes and accessed thousands of emails and private DMs

Researchers hacked Moltbook's database in minutes, exposing emails, private messages, and API keys tied to its AI agents network.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...
Dark Reading

Chinese APTs Hacking Asian Orgs With High-End Malware

Advanced persistent threat (APT) groups have deployed new tools against a variety of targets, highlighting the increasing ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Hackaday

Astronomy Live On Twitch

Although there are a few hobbies that have low-cost entry points, amateur astronomy is not generally among them. A tabletop Dobsonian might cost a few hundred dollars, and that is just the entry ...
Cybernews

Pentest tools left online are allowing hackers to exploit Fortune 500 firms

Hackers are exploiting intentionally vulnerable penetration testing and security training apps that have been mistakenly exposed to the public internet, giving them access to cloud environments ...
eWeek

Affleck, Damon Torch ChatGPT Screenplay Dreams

Ben Affleck and Matt Damon used a pit stop on "The Joe Rogan Experience" to torch the idea that ChatGPT could pen the next blockbuster. Affleck ...

Hackers are now exploiting the safety of open-source apps to sideload malware, and on LinkedIn of all places

The good news is that not clicking on unknown links avoids it entirely.
Bleeping Computer

Trust Wallet confirms extension hack led to $7 million crypto theft

Trust Wallet confirmed that a compromised Chrome extension update released on December 24 led to $7 million in stolen cryptocurrency after users reported their wallets drained. "So far, $7m affected ...