The Hacker News

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the ...

Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware

Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware ...
Hackaday

Back To Basics: Hacking On Key Matrixes

A lot of making goes on in this community these days, but sometimes you’ve just gotta do some old fashioned hacking. You might have grabbed an old Speak and Spell that you want to repurpose ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...

Want to try OpenClaw? NanoClaw is a simpler, potentially safer AI agent

Want to try OpenClaw? NanoClaw is a simpler, potentially safer AI agent ...
Hackaday

Hackaday Podcast Ep 359: Flying Squids, Edible Passwords, And A CAD Automaton

Hackaday editors Elliot Williams and Al Williams met up to trade their favorite posts of the week. Tune in and see if your favorites made the list. From crazy intricate automata to surprising ...
Opinion
PCMag on MSNOpinion

I Taught Myself to Use the Flipper Zero in an Hour, Then Hacked Everything in My Home

It looks like a cute little dolphin-themed toy, but the Flipper Zero is a surprisingly powerful learning tool for hacking. Here's how I mastered mine—and how you can, too.