Obsidian's mobile app feels half-baked until you add these 5 community plugins

That's why, even though the mobile app works, you can tell it was meant for a big screen and a keyboard. The mobile app doesn ...
Elektor Magazine

Wi-Fi-Based Person Detection on an ESP32: When Your Router Becomes a Motion Sensor

Can an ESP32 detect people without cameras or motion sensors? Discover how Wi-Fi signal disturbances, CSI, and smart DSP enable real-time occupancy and mov ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Las Vegas Sun

Krisp Launches Voice Translation v3, Opens Enterprise-Grade Translation to Developers

Krisp , the leader in real-time voice AI technology, today announced Voice Translation v3, a major release for its enterprise voice translation solution, and the launch of the Voice Translation API.
GitHub

2026-05-01-WebSocket-Backdoor-Campaign-Injecting-Credit-Card-Skimmers.txt

- Obfuscated JavaScript creates a WebSocket backdoor using dynamically executed JavaScript. - The WebSocket sends an obfuscated JavaScript payload to inject a credit card skimmer into the webpage. - ...
theregister

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and helpdesk staff impersonation - is also using custom malware in its ...
Dark Reading

Critical OpenClaw Vulnerability Exposes AI Agent Risks

A newly disclosed — and now patched — vulnerability in the fastest-growing AI agent tool in the developer ecosystem underscores the expanding risks organizations face from deploying AI in their ...
Bleeping Computer

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
CSOonline

Your personal OpenClaw agent may also be taking orders from malicious websites

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without limits, and take full control by exploiting implicit trust in localhost ...
theregister

OpenClaw patches one-click RCE as security Whac-A-Mole continues

Security issues continue to pervade the OpenClaw ecosystem, formerly known as ClawdBot then Moltbot, as multiple projects patch bot takeover and remote code execution (RCE) exploits. The initial hype ...
The Hacker News

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that's targeting Windows users. Active since mid-2025, the threat is designed to execute arbitrary JavaScript code ...