The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

Google: $17.1 million paid out in bug bounty program 2025

In its 2025 bug bounty program "VRP", Google paid out over 17 million US dollars in rewards to IT researchers.
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.
TweakTown

Elgato Stream Deck+ XL shown running the original DOOM game with controller

A developer has used OpenAI Codex to successfully port the original DOOM game over to Elgato's Stream Deck+ XL, and even a controller can be used.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

AI is supercharging cloud cyberattacks - and third-party software is the most vulnerable

Cloud attacks are getting faster and deadlier - here's your best defense plan ...
Windows Report

Google Patches Two Chrome Zero-Day Vulnerabilities in Emergency Security Update

Google releases an emergency Chrome update fixing two zero-day vulnerabilities affecting Skia and the V8 engine on desktop systems.
Opinion
PCMagOpinion

I Vibe Coded a Global Mass-Surveillance Site in 2 Hours Using OpenAI's Codex. That's a Privacy Nightmare

With zero coding skills, I was able to quickly assemble camera feeds from around the world into a single view. Here's how I did it, and why it's both promising and terrifying for all of us.

Coding After Coders: The End of Computer Programming as We Know It

In the era of A.I. agents, many Silicon Valley programmers are now barely programming. Instead, what they’re doing is deeply, ...