First Platform to Achieve Full OWASP ASI Coverage for OpenClaw

ClawSecure implemented 10/10 OWASP ASI Top 10 coverage before any competing platform, backed by real audit data from ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
InfoWorld

First look: Electrobun for TypeScript-powered desktop apps

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in ...

OpenClaw Security Audit Finds 41% of Skills Have Vulnerabilities

ClawSecure's analysis of 2,890+ popular OpenClaw agent skills reveals 9,515 security findings, with 30.6% rated HIGH or ...

SSOJet Debuts AI-Native Enterprise SSO Platform Designed to Work Alongside Existing Auth Systems

AI-native platform adds enterprise SSO capabilities across 25+ identity providers to existing authentication infrastructure without migration. SAN FRANCISCO, CA, UNITED STATES, Ma ...
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
WinBuzzer

Chrome Gemini Flaw Let Rogue Extensions Hijack AI Panel

A high-severity Chrome vulnerability has allowed malicious extensions to exploit the Gemini panel and gain elevated access to ...
SecurityWeek

Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Geeky Gadgets

New Browser API WebMCP : Actually Makes AI Agents Work Efficiently

WebMCP is a browser API developed collaboratively by Google and Microsoft to enhance how AI agents interact with websites. According to Better Stack, this API allows developers to define specific ...