Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

OpenClaw is in the news again for another serious security issue. Security researchers from Oasis Security discovered a ...

The Oasis researchers document a vulnerability chain that can be initiated from any website the AI agent (or its user) visits ...

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

メシウス株式会社は、WebアプリケーションでExcelライクなUIと機能性を実現するJavaScriptライブラリ「SpreadJS（スプレッドJS）」において、新版「SpreadJS V19J」を3月26日より提供開始すると発表した。

Researchers with Truffle Security are warning that old and seemingly benign Google API keys might now be weaponized by threat actors after gaining Gemini AI authorization permissions, in a destructive ...

※アクセスは過去7日間で集計しています。

ライブ配信ソフト「OBS Studio」の公式フォーラムで3月9日（米国時間）、セキュリティインシデントが報告された。プラグイン作者のアカウントが乗っ取られ、悪意あるバージョンが配信された。 Some accounts on our forum were recently compromised due to password re-use and used to post malware. 「o ...

A website styled to look like a Google Account security page is distributing what Malwarebytes describes as one of ...

Oasis Security researchers find yet another security problem with the OpenClaw AI agent, with this one allowing malicious websites to silently take control of a developer's system and steal data.