MIT Technology Review

The Download: Trump’s new AI order, and smart glasses for warfare

Plus: SpaceX plans to raise $75 billion in IPO at $135 per share. This is today's edition of The Download, our weekday ...

Fake GTA 6, real malware: the new scam targeting Windows and Android

For several weeks now, multiple waves of fake GTA 6 betas have been circulating online, specifically targeting Windows and ...

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...

Minecraft malware campaign reportedly infected over 116,000 players

Researchers say a malware campaign disguised as Minecraft mods and cheats infected over 116,000 devices through Discord ...

Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts

Meta’s AI support chatbot proved unusually helpful to hackers looking to steal and resell notable Instagram accounts—the ...
Decrypt

What Is an AI Prompt Injection Attack? The Hidden Threat Hijacking Your Chatbots

Hackers can hijack ChatGPT, Claude, and Gemini with nothing but a sentence. OpenAI says the problem may never be fully solved.
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Hackers are now using ChatGPT share links to deliver malware

Hackers are now abusing ChatGPT to generate malicious webpages that trick unsuspecting users into downloading malware onto their machines.

CrowdStrike and Google take down botnet used by hackers to target open source software developers

Cybercriminals used the Glassworm botnet to infect open source software projects with malware, and in turn hack the ...
Bleeping Computer

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...

GPU mining malware spreads via SEO poisoning, AI chatbots

Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a ...

My new favorite Windows app made my PC safer and more reliable - and it's free

Downloading executable installer files from random websites is the best way to put malware on your Windows PC. Stop doing ...