The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
eWeek

Ranked: 8 Things You Should Never Paste Into an AI Chatbot

Copy-pasting into chatbots feels harmless, but it can leak IDs, bank details, health records, work files, and login secrets. Here are the top 8 to avoid.
eWeek

What Is Clawdbot? The Viral Self-Hosted AI Assistant Taking Over X

Clawdbot is a viral, self-hosted AI agent that builds its own tools and remembers everything—but its autonomy raises serious ...

AI framework flaws put enterprise clouds at risk of takeover

Two "easy-to-exploit" vulnerabilities in the popular open-source AI framework Chainlit put major enterprises' cloud environments at risk of leaking data or even full takeover, according to ...