The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.

Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...
Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that ...
InfoWorld

Three web security blind spots in mobile DevSecOps pipelines

Mobile platforms operate under fundamentally different trust assumptions than we relied on for web security. Your mobile ...

Indie web browser Ladybird flutters toward Rust with a little help from AI

Project ditches Swift and translates C++ with LLM assistance The independent Ladybird web browser project is changing course ...
Control Global

New virtualization tools keep sprouting

Just like algae blooms in the ocean and pollen in the spring, there’s been an explosion in the past year or two of new ...

Anthropic acquires AI startup Vercept to enhance Claude’s computer use features

Vercept’s first investor was a Seattle-based startup incubator called AI2 Incubator. The organization started out as a unit ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Security Boulevard

Refund scam impersonates Avast to harvest credit card details

A convincing fake Avast site displays a €499.99 charge and promises a refund. Instead, it harvests your name, address, and ...
Indianapolis Business Journal

Where did lawmakers land on data center payments, rental caps, IEDC credits?

Indiana lawmakers sent Gov. Mike Braun a hefty local finance bill on the last day of the legislative session, weighing in on ...