The Next Web

Hackers are mass-exploiting a Gravity SMTP flaw to steal API keys from 100,000 WordPress sites

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
TWCN Tech News

Best free Key Mapping software for Windows PC

When the keyboard was first designed, the intention was to keep every key in the right position as per its estimated usage. However, that was in the typewriter era. The common uses have changed with ...

Google, Microsoft Back Draft AI Agent Discovery Spec

A coalition including Google, Microsoft, and GitHub published Agentic Resource Discovery, an open draft spec for how AI ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Nature

Open Access Fees and Funding

All articles published in Scientific Data are made freely and permanently available online immediately upon publication, without subscription charges or registration barriers. Further information ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...