Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
InfoWorld

WebMCP API extends web apps to AI agents

W3C proposal backed by Google and Microsoft allows developers to expose client-side JavaScript tools to AI agents, enabling ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...
Hindustan Times

CBSE introduces On Screen Marking evaluation system for Class 12 board exams

The Central Board of Secondary Education (CBSE) has announced the introduction of On-Screen Marking (OSM) system for the evaluation of Class 12 answer books from the upcoming 2026 board examinations, ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
jagranjosh.com

What is CBSE On-Screen Marking System? Know All About OSM for Class 12 Students

The Central Board of Secondary Education (CBSE) has taken a major step toward modernizing board exam assessment with the introduction of the On-Screen Marking (OSM) system for Class 12 board ...
CSO Online

Open source maintainers being targeted by AI agent as part of ‘reputation farming’

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...