The Hacker News

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

OpenClaw integrates VirusTotal Code Insight scanning for ClawHub skills following reports of malicious plugins, prompt injection & exposed instances.
Electronic Design

GitLab’s DevSecOps Enhances Security for Software Developers

The DevSecOps system unifies CI/CD and built-in security scans in one platform so that teams can ship faster with fewer vulnerabilities.
Opinion

Google: China's APT31 used Gemini to plan cyberattacks against US orgs

Meanwhile, IP-stealing 'distillation attacks' on the rise A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, ...
CSO Online

Software supply chain risks join the OWASP top 10 list, access control still on top

There were some changes to the recently updated OWASP Top 10 list, including the addition of supply chain risks. But old ...
BankInfoSecurity

Breach Roundup: CISA Flags OT Risks After Polish Grid Hack

This week, a CISA warning, Nest footage in Nancy Guthrie case, Signal phishing. Spanish hacker, Russian asylum. Spanish ...
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.
CSO Online

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, ...
CNBC

Pfizer says obesity injection shows promise as monthly treatment in mid-stage trial

Pfizer said its experimental obesity drug, which it acquired through Metsera, drove solid weight loss when taken once a month in a mid-stage trial. The data offer early evidence that the injection can ...
Game Rant

Roblox: Sorcerer Ascent Codes

Tom Bowen is a senior editor who loves adventure games and RPGs. He's been playing video games for several decades now and writing about them professionally since 2020. Although he dabbles in news and ...