InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
InfoQ

AWS Launches Managed Openclaw on Lightsail amid Critical Security Vulnerabilities

AWS launched managed OpenClaw on Lightsail for AI agent deployment while security concerns mount. The 250k-star GitHub project is affected by CVE-2026-25253, which enables one-click RCE, with 17,500+ ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
IEEE

Feistel-PUF: Sequential Obfuscation-Based Machine Learning Attack-Resistant Physical Unclonable Function for IoT Device Security Authentication

Abstract: Device authentication protocols based on a strong physical unclonable function (PUF) show promise for enhancing Internet of Things (IoT) security. However, a strong PUF is vulnerable ...