The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...

Oasis Security Research Team Discovers Critical Vulnerability in OpenClaw

Oasis Security, the identity security platform, today released new threat research exploring a vulnerability chain in ...
The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and crypto scams.
Techrights

Links 03/03/2026: "No one wants to read your AI slop" and "chatbots in the kill chain"

The circuit court now expects the Trump administration to file a brief by March 20 explaining why it appealed the district court’s ruling and for Kelly’s legal team to file its reply brief by April 27 ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...
Visual Studio Magazine

GitHub Copilot CLI Reaches General Availability, Bringing Agentic Coding to the Terminal

GitHub Copilot CLI is now generally available for all paid Copilot subscribers, offering agentic workflows, multiple AI model support, and specialized agents for terminal-based development.