PCMagOpinion

I Just Vibe Coded a Global Mass Surveillance Site in 2 Hours With OpenAI's Codex. It Was Terrifyingly Easy

I have zero coding skills, but I was able to quickly assemble camera feeds from around the world into a single view. Here's ...
Decrypt

OpenAI Super App Takes Shape: Codex Gets Computer Use, Browser, and Image Gen

OpenAI's Codex desktop app now controls your Mac, runs its own browser, and generates images in a new update released today.

This New Tool Can Steal Your Passwords And Info – Even With 2FA Enabled

Storm is a Windows infostealer that steals encrypted browser data, decrypts it off-device, and uses session cookies to bypass ...
CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Researchers discover malicious AI agent routers that can steal crypto

Some AI API routers can steal crypto private keys and inject malicious code, researchers warned in a new security study.

The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.
Hackaday

Don’t Trust Password Managers? HIPPO May Be The Answer!

The modern web is a major pain to use without a password manager app. However, using such a service requires you to entrust your precious secrets to a third party. They could also be compromised, ...