Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available

Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with ...