Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.
Appuals

Fix: The Windows Security Center Service is Turned Off

If Security Center is turned off or missing, Windows cannot correctly show your protection status in the Windows Security app. This usually means the ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
腾讯网

斩获30.5k Star!Claude Code长期记忆插件Claude-Mem开源,实现跨会话上下文 ...

重度依赖 Claude Code 等编程智能体的开发者,大多都在为一个绕不开的痛点而抓狂:AI助手总是“阅后即焚”,跨会话失忆严重。 每次开启一个新的会话, Claude Code 就像一张白纸。昨天刚敲定的架构设计、上周踩过的 API 坑、团队的代码规范,它统统不记得了。于是只好从头复制粘贴历史上下文、重复解释需求。这不仅浪费了大量开发时间,更是在无形中白白烧掉了大量的 Token 额度,还破坏 ...