The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...
InfoWorld

The browser is your database: Local-first comes of age

The thick client is making a comeback. Here’s how next-generation local databases like PGlite and RxDB are bringing ...

HTML+JavaScriptも楽々開発、AIにWebアプリを作ってもらおう

現在、LLM(大規模言語モデル)の応用技術である「AIエージェント」が大きな注目を集めています。ここでは米GoogleがオープンソースのAIエージェントとして公開した「Gemini ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.
Joy of Android

GitHub Games and the Open Approach to Game Development

GitHub games are open-source projects for testing gameplay ideas, sharing code, and collaborating publicly outside ...
CSO Online

Your personal OpenClaw agent may also be taking orders from malicious websites

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without ...