OpenAI is putting ChatGPT, its browser and code generator into one desktop app

OpenAI is developing a “super app” for desktop that unifies ChatGPT, its browser and its Codex app, according to the Wall ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
TechRadar

‘We must do more to protect our credentials’: Password security has barely changed since 2015 — and that's a big problem for everyone

Despite the rise of many tools to make securing credentials easier, not enough has changed in password habits over the past 10 years. Cybersecurity researcher Jeremiah Fowler has compared password ...
The Verge

OpenAI’s Sora video generator is reportedly coming to ChatGPT

Sora could soon get more accessible in ChatGPT, potentially leading to a new flood of deepfakes from the video generator. Sora could soon get more accessible in ChatGPT, potentially leading to a new ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
TechCrunch

AI music generator Suno hits 2M paid subscribers and $300M in annual recurring revenue

Suno co-founder and CEO Mikey Shulman shared on LinkedIn that the AI music generator has amassed 2 million paid subscribers and $300 million in annual recurring revenue. Just three months ago, Suno ...
CSO Online

Chrome ABE bypass discovered: New VoidStealer malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...

Chrome encryption bypass discovered: New malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
The Guardian

‘Exploit every vulnerability’: rogue AI agents published passwords and overrode anti-virus software

Exclusive: Lab tests discover ‘new form of insider risk’ with artificial intelligence agents engaging in autonomous, even ‘aggressive’ behaviours Robert Booth UK technology editor Rogue artificial ...