The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...
TMCnet

Boosting Front-End Development with Kie.ai's GPT-5.4 Codex API: UI Code Generation and Interface Optimization

Kie.ai''s GPT-5.4 Codex API streamlines front-end development by automating UI code generation, multi-file refactoring, and ...
CSO Online

GitHub phishers use fake OpenClaw tokens to drain crypto wallets

Attackers exploit OpenClaw hype with fake “CLAW” airdrops, luring developers from GitHub into wallet-draining phishing sites.
XDA Developers on MSN

I automated my entire read-it-later workflow with a local LLM so every article I save gets summarized overnight

No more fighting an endless article backlog.
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
DMR News

Leaked DarkSword Exploit Raises Risk For Hundreds Of Millions Of Older iPhones

A newly leaked version of the DarkSword hacking tool has been published online, raising concerns among researchers that attackers can now easily target ...
The Caledonian-Record

One man, his dog, and ChatGPT: Australia's AI vaccine saga

Desperate to help his sick dog, one Australian man went down the ultimate ChatGPT research hole, using artificial intelligence to design a personalised experimental treatment and finding top scientist ...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...

House Republicans subpoena prosecutor for records tied to Stephen Miller protester

The demand comes after Rep. Jim Jordan, chairman of the House Judiciary Committee, opened an inquiry into Parisa ...
ZDNet

This new Claude Code Review tool uses AI agents to check your pull requests for bugs - here's how

Anthropic launches AI agents to review developer pull requests. Internal tests tripled meaningful code review feedback. Automated reviews may catch critical bugs humans miss. Anthropic today announced ...