The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's ...
The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and ...
Network World

AI transforms ‘dangling DNS’ into automated data exfiltration pipeline

Generative AI is raising the risk of dangling DNS attack vectors, as the orphaned resources are no longer just a phishing ...
Security Boulevard

Middle East Conflict Fuels Opportunistic Cyber Attacks

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ...
InfoWorld

Three web security blind spots in mobile DevSecOps pipelines

Mobile platforms operate under fundamentally different trust assumptions than we relied on for web security. Your mobile ...
Silicon Republic

Major phishing operation disrupted in joint Europol action

Tycoon 2FA accounted for around 62pc of all phishing attempts blocked by Microsoft by mid-2025. A joint cybersecurity operation has disrupted one of the world’s largest phishing-as-a-service platforms ...
Techrights

Links 03/03/2026: "No one wants to read your AI slop" and "chatbots in the kill chain"

The circuit court now expects the Trump administration to file a brief by March 20 explaining why it appealed the district ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages ...
The Caledonian-Record

Deterministic AI: What it is and when to use it

Zapier reports that deterministic AI ensures consistent outcomes in workflows by embedding AI within structured rules, ...