The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...
Infosecurity Magazine

What CISOs Should Know (And Do) About OpenClaw

Infosecurity spoke to several experts to explore what CISOs should do to contain the viral AI agent tool’s security vulnerabilities ...
The Del Norte Triplicate

Medicine Bow Beta

Medicine Bow Beta. Oppression leads to wealth? Grudge that a bouquet shot would be humiliating! Hot brine or dry curry leaves? Stimulus job count by doing bore well. A learner to ...

Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot

Researchers reveal how Microsoft Copilot can be manipulated by prompt injection attacks to generate convincing phishing messages inside trusted AI summaries.

New font-rendering trick hides malicious commands from AI tools

A new font-rendering attack causes AI assistants to miss malicious commands shown on webpages by hiding them in seemingly harmless HTML.

Fake AI developer tools are distributing Amatera and AMOS malware

Hackers are using malvertising campaigns to disguise infostealers as AI tools.
WinBuzzer

GitHub: Glassworm Hides Malware in Invisible Unicode Across 151+ Repos

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...