If you wanted to steal local files from someone using Perplexity's Comet browser, until last month you could just schedule ...

Cloudflare’s experimental AI-built Next.js alternative, vinext, has been released with critical security flaws, escalating a feud with Next.js maintainer, Vercel.

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data theft.

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and ...

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...

Thousands of Google Cloud API keys available online may have given unauthorised access to sensitive Gemini AI endpoints, cybersecurity experts found. Security experts at Truffle Security ...

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.

Exposed Google Cloud API keys in public JavaScript may now authenticate Gemini API calls, risking data exposure and runaway ...

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without ...

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...

Exposed Google API keys previously not considered secrets can now inadvertently grant attackers access to sensitive Gemini ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...