Malicious Chrome extensions caught stealing sensitive data

Chrome extensions called "Phantom Shuttle" stole user data for years before Google removed them from the Chrome Web Store ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
MIT Technology Review

The man who made India digital isn’t done yet

Nandan Nilekani built Aadhaar, India’s vast digital biometric identity system. Now he wants to Aadhaarize the world.
Futurism on MSN

Live Coverage: Is Grok Still Being Used to Create Nonconsensual Sexual Images of Women and Girls?

X users continue to use Grok to generate nonconsensual porn of women and literal children. Will X or xAI stop it?
Microsoft

Phishing actors exploit complex routing and misconfigurations to spoof domains

Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, ...
InfoQ

API Platform Unkey Ditches Serverless After Performance Struggles

Developer Platform Unkey has written about rebuilding its entire API authentication service from the ground up, moving from ...

How ZachXBT exposed a Coinbase impersonation scam using onchain clues

ZachXBT linked a fake Coinbase “help desk” campaign to about $2 million in losses by combining onchain signals with offchain ...