The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
MUO on MSN

I taught my keyboard 8 shortcuts, and now Windows feels built around me

Eight shortcuts later, Windows finally works the way I do.
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

動画で学ぶ「入社1年目からのGoogle Apps Script」講座が配信開始 ...

(株)インプレスは、同社が展開中のビジネス・実務で役立つスキルや考え方が学べるオンデマンド配信講座「Impress Books Academy(インプレス・ブックス・アカデミー)」において、新講座「動画で学ぶ『入社1年目からのGoogle Apps ...
Security Boulevard

When AI Agents Become Bots: A Field Report from the Authentication Layer

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...
Manila Bulletin

Microsoft warns of USB malware that drains crypto wallets

Cybersecurity researchers at Microsoft have uncovered a sophisticated piece of malware that spreads through USB drives, intercepts cryptocurrency wallet ...

「Codex」に開発者モード、Chrome DevTools Protocol(CDP)に接続、Web ...

米OpenAIは6月12日(日本時間)、「Codex」アプリに「開発者モード」(developer mode)を導入したと発表した。「Google Chrome」のブラウザー操作(Browser ...