Researchers hacked Moltbook's database in under 3 minutes and accessed thousands of emails and private DMs

Researchers hacked Moltbook's database in minutes, exposing emails, private messages, and API keys tied to its AI agents ...
The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...
The Hacker News

Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

Microsoft confirms a 3-phase strategy to deprecate NTLM, improve auditing, prioritize Kerberos, and disable NTLM by default ...

Pornhub shuts off access to new UK users, citing age verification constraints

New users in the United Kingdom will be unable to access Aylo’s pornography sites, including Pornhub, YouPorn and RedTube, from Monday, the company has said, citing changes to age verification ...

OpenClaw proves agentic AI works. It also proves your security model doesn't. 180,000 developers just made that your problem.

API keys and credentials. Agents operate inside authorized permissions where firewalls can't see. Traditional security models ...

Under Armour data breach claims trigger alerts for millions of users

Under Armour allegedly faces massive data breach affecting 72 million customers after hackers posted records online following ...

Android phones are getting smarter about detecting when they've been stolen

Google recently announced a new suite of anti-theft measures for modern Android devices. The company aims to protect users ...

Hinge, Match, and OkCupid user data leaked in massive breach

Finding love online just got a lot more complicated. A major new security breach has hit the parent company of Hinge, ...
PCMag

These Free VPNs, Proxies Used by Criminals to Hijack Users' Connections

Google seizes domains used by the IPIDEA proxy network, which sold access to devices compromised through free VPNs, proxy services, and mobile apps.
Dark Reading

Phishing Campaign Zeroes in on LastPass Customers

The bait incudes plausible subject lines and credible messages, most likely thanks to attackers' use of large language models ...
The HR Digest

Beware! Malicious Chrome Extensions Are Now Targeting HR Platform Users

Cybersecurity firm Socket recently uncovered multiple malicious Chrome extensions targeted at enterprise HR and ERP platform users.
CSO Online

Flaws in Chainlit AI dev framework expose servers to compromise

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow ...