CSO Online

GitHub phishers use fake OpenClaw tokens to drain crypto wallets

Attackers exploit OpenClaw hype with fake “CLAW” airdrops, luring developers from GitHub into wallet-draining phishing sites.
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until Feb 19, 2026 fix.
The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.
The Caledonian-Record

Feds arrest Migrant Justice leader in Essex on 9 felony counts; Indictment links to smuggling and obtaining false documents

A Migrant Justice leader in Burlington, who was detained by the Border Patrol in Richford last summer, has now been indicted on criminal charges of conspiracy to bring aliens to ...
CyberGuy

DarkSword leak puts millions of iPhone users at risk

Leaked DarkSword code makes iPhones on older iOS easy targets. See who is at risk and how to protect your device right now.