Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's ...

Pencil.dev Merges Visual Design and Code Output into One Responsive Workflow

Pencil.dev focuses on design-to-code speed versus static tools; upcoming reusable component libraries are planned for 2026.

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Figma partners with OpenAI to bake in support for Codex

Figma is integrating OpenAI's coding assistant Codex a week after it announced a similar integration with Anthropic's Claude ...
The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 ...

Four areas likely to attract tax audits as CRA scrutiny ramps up

The real estate sector has long attracted the CRA’s scrutiny, but short-term rentals, in particular, are likely to be in the ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

WinUIpad: AI to the Rescue ⭐

With progress slowing to a crawl, I researched Windows App SDK alternatives and then started experimenting with AI pair programming.
The News International

Thousands of Google accounts could be misused by hackers: Report

Thousands of Google Cloud API keys available online may have given unauthorised access to sensitive Gemini AI endpoints, ...

Anthropic acquires AI startup Vercept to enhance Claude’s computer use features

Vercept’s first investor was a Seattle-based startup incubator called AI2 Incubator. The organization started out as a unit ...
Opinion

AI willing to 'go nuclear' in wargames

As the deadline looms for a leading AI lab to hand over its tech to the US military, a study has appeared suggesting AI models are more than willing to go nuclear in wargames.