The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

手把手教你安全“养虾”:OpenClaw极简部署指南

手把手教你安全“养虾”:OpenClaw极简部署指南,服务器,websocket,插件,vm,key,网关 ...

国家互联网应急中心通报:OpenClaw存在致命漏洞,90%实例可被直接攻击

今天下午朋友圈被安全圈的同行刷屏了——国家网络与信息安全信息通报中心(以下简称“通报中心”)发布了一则关于OpenClaw的风险预警。说实话,看到这份通报的时候我倒吸了一口凉气。不是因为漏洞又多又严重,而是那份“90%实例可被直接攻击”的结论,意味着如果你正在用这个当红的AI智能体框架,大概率已经成了黑客的肉鸡。 OpenClaw是什么?如果你还没听过,简单来说它是一个开源的AI自动化工具,你可以 ...
CPO Magazine

Security Research Finds OpenClaw AI Agent “Trivially Vulnerable” to Hijacking

The Oasis researchers document a vulnerability chain that can be initiated from any website the AI agent (or its user) visits ...

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
腾讯网

俄黑客组织利用微软Edge漏洞攻击乌克兰,部署DRILLAPP后门窃密

西班牙S2 Grupo公司旗下LAB52威胁情报团队最新报告显示,乌克兰实体正成为一场新攻击活动的目标,该活动疑似由与俄罗斯有关联的黑客组织发起。2026年2月监测到的此次攻击,与代号Laundry Bear(又称UAC-0190或Void ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

OpenClaw has yet another major security flaw - here's what we know about 'ClawJacked'

Don't leave your OpenClaw with an easy password ...
NYU Tisch School of the Arts

ITP/IMA Summer 2026 Course Offerings Announced

Visiting students can Apply for the summer term. For better or worse humanity is heading down the virtual rabbit hole. We’re ...