Cybernews

Researchers find hundreds of exposed API keys providing access to AWS, GitHub, Stripe, and OpenAI

The exposed keys belonged to major service providers such as AWS, Stripe, and GitHub, and the potential damage ranged from ...

OpenAI is putting ChatGPT, its browser and code generator into one desktop app

OpenAI is developing a “super app” for desktop that unifies ChatGPT, its browser and its Codex app, according to the Wall ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
TweakTown

Jailed Rockstar hacker hints at GTA 6 source code still being out there

TL;DR: Arion Kurtaj, a key Lapsus$ hacker behind major cyberattacks including the GTA 6 leak, revealed he received a smartphone while hospitalized. He accessed Rockstar's systems via compromised ...
Visual Studio Magazine

Getting My OpenClaw Around VS Code

A hands-on test found that OpenClaw can work with VS Code for file-based drafting and source-driven synthesis, but the current experience is still centered on a local gateway and workspace model rathe ...

OpenAI upgrades Codex to automate your workflows - and compete better with Claude Code

Codex's new plugins push it beyond coding and position it to challenge Claude Code's growing lead among developers.
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
CSO Online

Chrome ABE bypass discovered: New VoidStealer malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...

Chrome encryption bypass discovered: New malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...
Fox News

Apple app password scam email warning

You open your inbox and see a subject line from Apple. It says an app-specific password was generated for your account. Then your stomach drops. The email claims you ...
TechCrunch

US and EU police shut down LeakBase, a site accused of sharing stolen passwords and hacking tools

U.S. and European law enforcement have seized the database from LeakBase, which prosecutors have touted as “one of the world’s largest online forums for cybercriminals” for sharing stolen passwords ...