The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...

OpenClaw patches one-click RCE as security Whac-A-Mole continues

Researchers disclose rapid exploit chain that let attackers run code via a single malicious web page Security issues continue ...

Moltbook had an exposed database with over 20,000 emails, 1.5 million API keys and more

Moltbook, the viral platform for AI bots, reportedly built and moderated by AI bots, had a huge security flaw that exposed sensitive information, according to security researchers.
InfoWorld

How should AI agents consume external data?

The jury’s out on screen scraping versus official APIs. And the truth is, any AI agent worth its salt will likely need a mixture of both.
Cyber Daily

Open inspection: Real estate leasing platforms at major data leak risk, investigation reveals

New findings have revealed that popular platforms used by real estate agents may be putting millions of files containing personal data at risk of being leaked.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
The Hacker News

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.
InfoQ

Cloudflare's Matrix Homeserver Demo Sparks Debate over AI-Generated Code Claims

A Cloudflare blog post claiming a "production-grade" Matrix homeserver on Workers didn't survive community scrutiny. Missing ...