SecurityWeek

OpenClaw Vulnerability Allowed Malicious Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...
The RegisterOpinion

LibreOffice Online dragged out of the attic, dusted off for another go

The Document Foundation (TDF) has pulled LibreOffice Online out of its "attic" – its term for retired projects – and is ...
The Caledonian-Record

Huawei to Announce the Open Source Project of A2A-T Software, Boosting the application of ...

BARCELONA, SPAIN - Media OutReach Newswire - 1 March 2026 - On the eve of the 2026 Mobile World Congress (MWC 2026), Huawei ...

Kate Moss closes Demna’s first Gucci show in a plunging gown and branded thong

Demna has unveiled his first Gucci runway show in Milan, and he's pushing the brand back toward sleek, body-hugging sex appeal.
InfoQ

Vercel Releases React Best Practices Skill with 40+ Performance Rules for AI Agents

Vercel has launched "react-best-practices," an open-source repository featuring 40+ performance optimization rules for React and Next.js apps. Tailored for AI coding agents yet valuable for developers ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

Chainguard Customers Have 94% Python Ecosystem Coverage for Their Environments

Chainguard, the trusted source for open source, today announced it has expanded Chainguard Libraries coverage across Python, Java, and JavaScript, with customers seeing 94% coverage across the Python ...
Cybernews

Hackers can exploit thousands of exposed Google API keys to access Gemini and steal data

Exposed Google API keys previously not considered secrets can now inadvertently grant attackers access to sensitive Gemini ...
Hoodline

San Antonio AI Researchers Sound Alarm On Phantom Package Trap

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
Visual Studio Magazine

VS Code v1.110 Insiders: AI Agents Gain Native Browser Access and Global Instructions

The VS Code 1.110 cycle is putting more 'hands-on' capabilities into chat, led by native browser integration that lets AI agents interact with page elements, capture screenshots, and pull real-time ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...