The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

CNCERT warns OpenClaw AI agent has weak defaults enabling prompt injection and data leaks, prompting China to restrict use on ...
AOL

Breakthrough intramuscular injection speeds heart attack recovery

For a heart just damaged by a blocked artery, timing matters. So does access. That is what makes a new experimental treatment stand out: instead of being delivered directly to the heart, it is ...

Chrome encryption bypass discovered: New malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...
Dark Reading

'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft

A prompt injection vulnerability paired with other flaws can turn a Google search into a full attack chain that could ...

VoidStealer malware steals Chrome master key via debugger trick

An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and ...
Nature

An enzyme inside the bacterial-cell membrane chops up viral DNA on entry

When a virus infects a bacterial cell, the viral genome is the first component to be fully injected into the cell, making it an ideal immune target. A bacterial enzyme anchored to the membrane ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
heise online

Pi-hole: Update closes security vulnerabilities and delivers more performance

The DNS-based ad blocker Pi-hole patches two security vulnerabilities in its updated version. Additionally, the programmers have implemented changes that boost performance, especially on older ...