Security News This Week: Moltbook, the Social Network for AI Agents, Exposed Real Humans ...

Plus: Apple’s Lockdown mode keeps the FBI out of a reporter’s phone, Elon Musk’s Starlink cuts off Russian forces, and more.
Cryptopolitan

dYdX targeted as malicious packages empty its user wallets

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...

‘Con code’: The unwritten rules among inmates that may be fuelling prison violence

Also known as the inmate code or prison code, it is the violent day-to-day reality for those involved in the prison system ...

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
InfoWorld

Deno Sandbox launched for running AI-generated code

Deno Sandbox works in tandem with Deno Deploy—now in GA—to secure workloads where code must be generated, evaluated, or ...

Verifying Gaza footage after 20 reported killed in Israeli strikes

Our verification team have been analysing new footage of body bags and mourners in Gaza after at least 20 Palestinians were ...
Techzine Europe

Critical vulnerability in React Native development tool actively exploited

Attackers are actively exploiting a critical vulnerability in React Native's Metro server to infiltrate development ...

Critical React Native Metro dev server bug under attack as researchers scream into the void

Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux ...