OpenClaw gives users yet another reason to be freaked out about security

Once the access is given, OpenClaw is designed to act precisely as the user would, with the same broad permissions and ...
The Hacker News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic ...

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...
Decrypt

News Explorer — x402 Foundation Led by the Linux Foundation Will Govern Coinbase-Backed AI Agent Payments Protocol

The x402 Foundation, overseen by the Linux Foundation, will manage the development of a new internet payments standard, x402 ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
CoinDesk

How a Solana feature designed for convenience let attackers drain more than $270 million from Drift

The exploit did not involve a bug in Drift's code. It used "durable nonces," a legitimate Solana transaction feature, to pre-sign administrative transfers weeks before executing them, bypassing the ...
CoinDesk

Coinbase’s AI payments system joins Linux Foundation, gathers support from Google, Stripe, AWS and others

The Coinbase-engineered agentic commerce protocol x402 has garnered support from a long list of big names like Google, ...
Network World

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...

Apple made strides with iOS 26 security, but leaked hacking tools still leave millions exposed to spyware attacks

The common assumption among iPhone security experts has been that finding vulnerabilities and developing exploits for iOS was ...
GitHub

linux-exploit-cred-reuse.json

"description": "Chain credential reuse across SSH, database, and web admin interfaces for lateral movement and privilege escalation.\n\nSystematically test discovered ...