The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

CNCERT warns OpenClaw AI agent has weak defaults enabling prompt injection and data leaks, prompting China to restrict use on ...
AOL

Breakthrough intramuscular injection speeds heart attack recovery

For a heart just damaged by a blocked artery, timing matters. So does access. That is what makes a new experimental treatment stand out: instead of being delivered directly to the heart, it is ...

Chrome encryption bypass discovered: New malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...

VoidStealer malware steals Chrome master key via debugger trick

An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
heise online

Pi-hole: Update closes security vulnerabilities and delivers more performance

The DNS-based ad blocker Pi-hole patches two security vulnerabilities in its updated version. Additionally, the programmers have implemented changes that boost performance, especially on older ...

Direct Prompt Injection: How Attackers Manipulate LLM Input

Direct prompt injection occurs when a user crafts input specifically designed to alter the LLM’s behavior beyond its intended boundaries.