The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...

UX Design as a Waste Machine: The Hidden Costs of Digital Smoothness

Good UX hides its waste. But it doesn't disappear – it ends up in data centers, supply chains, and telemetry databases.
The Next Web

A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.
TechCrunch

Meet Wander, a StumbleUpon-inspired tool for discovering the ‘small web’

As search becomes increasingly dominated by AI summaries and commercial content, people are experimenting and coming up with ways to make the web feel more human like it used to, building everything ...
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...

Samsung Releases Free Upgrades To Millions More Galaxy Phones

Samsung's One UI 8.5 rollout has reached some of its cheapest Galaxy phones, and more Galaxy S26 features could be heading to ...
Hackaday

This Week In Security: Ubiquiti Fixes, And FreeBSD Joins The Club You Don’t Want To Join

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...
eWeek

AI App Builders Cheat Sheet: Best No-Code, Full-Stack, and Mobile App Tools

Compare top AI app builders for prototyping, mobile apps, internal tools, backend depth, security, pricing, and code ...
SecurityWeek

Chrome 148 Update Patches Critical Vulnerabilities

Google has released a Chrome 148 update that resolves 79 vulnerabilities, including 14 critical-severity security defects.
GitHub

Turns Claude Code into a frontend expert that reviews and fixes your UI automatically.

Works on any URL — localhost, staging, production. Any site your machine can reach. Free for all Claude Code users (Pro plan and above). No API keys. No extra costs. Just install and go. review_ui The ...
Bleeping Computer

New Android malware uses AI to click on hidden browser ads

A new family of Android click-fraud trojans leverages TensorFlow machine learning models to automatically detect and interact with specific advertisement elements. The mechanism relies on visual ...