Dark Reading

Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS

SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to ...
CSO Online

SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain

The latest SHub macOS infostealer variant abandons Terminal-based ClickFix tactics for AppleScript execution, using fake ...
XDA Developers on MSN

Treating Claude Code as just a coding tool is like using a Swiss Army knife to open cans

The terminal assistant you paid for can do a lot more than coding.

Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker

Microsoft has released a temporary mitigation for YellowKey, a Windows zero-day that can reportedly bypass BitLocker ...
techtimes

Cursor Composer 2.5 Matches Claude Opus 4.7 on Coding Benchmarks at One-Tenth Cost

Composer 2.5 is Cursor's third-generation proprietary coding agent, available exclusively inside the Cursor IDE and through the @cursor/sdk — not as a general API. Like its predecessor, it is built on ...
Tech Times

OpenAI Codex Becomes Desktop Agent: Controls Mac Apps, Watches Screen, Runs on Mobile

Over a six-week stretch in spring 2026, OpenAI rebuilt what its Codex product actually is. On April 16, the company released a major Codex update titled “Codex for (almost) everything,” ...
XDA Developers on MSN

Cron inside WSL beats Windows Task Scheduler for one reason: it actually works the way I think

Here's how I use Linux to automate Windows tasks.
The Hacker News

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

Megalodon pushed 5,718 malicious GitHub commits in 6 hours, exposing CI secrets and cloud credentials at scale.

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...