LinkedIn secretely scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...
The Hacker News

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

REF1695 spreads RATs and miners since Nov 2023 via ISO lures, earning 27.88 XMR across four wallets through cryptomining and ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Karpathy shares 'LLM Knowledge Base' architecture that bypasses RAG with an evolving markdown library maintained by AI

Karpathy proposes something simpler and more loosely, messily elegant than the typical enterprise solution of a vector ...
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.