The Hacker News

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting Baota panels, Asian TLDs ...
The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.
CSO Online

From credentials to cloud admin in 8 minutes: AI supercharges AWS attack chain

AI-assisted attackers weaponized exposed credentials and permissive roles to move from initial access to full AWS admin ...
CSO Online

Threat actors hijack web traffic after exploiting React2Shell vulnerability: Report

Hijacking web traffic is an old tactic for threat actors. In fact David Shipley, head of Canadian security awareness training ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Wall Street Brunch: Mega And Macro

Kevin Warsh’s Fed nomination may reshape January payrolls reaction. Amazon and Alphabet earnings spotlight AI demand and cost cuts. Bitcoin dips below $80K as investors debate ...
eWeek

Moltbook Bots Build Lobster Cult

Who needs humans when a purported 1.5 million agents trade lobster memes and start their own religion? Moltbook, vibe-coded by Octane AI founder Matt Schlicht in a weekend (he cla ...
PCMag Australia

OpenClaw Is the Hot New AI Agent, But Is It Safe to Use?

Previously Clawdbot and then Moltbot, this agent can take actions without you having to prompt it and make those decisions by ...
Security Boulevard

Moltbot Personal Assistant Goes Viral—And So Do Your Secrets

Early 2026, Moltbot a new AI personal assistant went viral. GitGuardian detected 200+ leaked secrets related to it, including ...