The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
CSO Online

GitHub phishers use fake OpenClaw tokens to drain crypto wallets

Attackers exploit OpenClaw hype with fake “CLAW” airdrops, luring developers from GitHub into wallet-draining phishing sites.

Epic Games lays off more than 1,000 employees as Fortnite engagement declines

Epic Games is cutting over 1,000 jobs as spending outpaces revenue and Fortnite engagement declines, CEO Tim Sweeney says.
CSO Online

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, ...
Cyber Daily

Best defence: Salesforce shares tips to defend against ShinyHunters extortion campaign

The infamous hacking group is claiming to have compromised hundreds of companies via their Salesforce instances – here’s what ...
Bleeping Computer

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. The activity has been ongoing since at ...
GitHub

Full Stack Learning Roadmap

A comprehensive full-stack development learning resource covering programming languages, frameworks, databases, system architecture, and data structures, with practical code examples and detailed ...
InfoQ

Vercel’s Next.js 16: Explicit Caching, Turbopack Stability, and Improved Developer Tooling

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
VentureBeat

From prototype to production: What vibe coding tools must fix for enterprise adoption

Vibe coding — the fast-growing trend of using generative AI to spin up code from plain-language prompts — is quick, creative, and great for instant prototypes. But many argue that it's not cut out for ...