Claude collaboration tools left the door wide open to remote code execution

Anthropic fixed the flaws – but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...
The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
londonlovesbusiness.com

Five AI image generator with API access compared: Cost, speed and quality ranked

AI-generated images now headline billboards, fill product catalogues, and slip into everyday slide decks—a leap from party trick to mainstream business tool. UK teams want specifics: Which API ...
Wired

I Tried H&R Block’s Assisted and DIY Tax Services. Here’s Who’ll Benefit From It

Filing taxes is a pain. Here’s how H&R Block DIY and Assisted performed against other services I tested. I've been through the wringer with my taxes the past couple of years. Last year, I was a ...
The Hacker News

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.