Microsoft

ClickFix campaign uses fake macOS utilities lures to deliver infostealers

Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands.
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...

Usage-based pricing killing your vibe - here's how to roll your own local AI coding agents

With model devs pushing more aggressive rate limits, raising prices, or even abandoning subscriptions for usage-based pricing ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...

Ars Asks: Share your shell and show us your tricked-out terminals!

Exposure therapy to the bash shell brought me to the tipping point, and I jumped ship to the Macintosh side of the house. It ...

The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...
Computerworld

Industry

Meta to track employee keystrokes, screen activity to train AI agents The data, gathered through a new internal tool, will be used to improve AI agents’ ability to navigate software and complete ...