Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...
Computer Weekly

Zencoder CEO to developers: OpenClaw is the canary, not the destination

Keen to explain how we should regard this technology today is Andrew Filev, CEO and founder at Zencoder, a company known for its cloud-based video encoding service that converts files for any device.
winbuzzer.com

Fake Claude Code Pages Spread Malware to Developers via Google Ads

Claude Code is Anthropic’s agentic coding tool that allows developers to run CLI commands and build long-running agents. This week, developers searching Google for it are landing on near-perfect ...
SecurityWeek

OpenAI Rolls Out Codex Security Vulnerability Scanner

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month.

AI can rewrite open source code—but can it rewrite the license, too?

Computer engineers and programmers have long relied on reverse engineering as a way to copy the functionality of a computer ...
CSO Online

Devs looking for OpenClaw get served a GhostClaw RAT

GhostClaw poses as an OpenClaw installer package, stealing system credentials and sensitive data before deploying a persistent RAT.

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations.