PCMag

Database Containing 149M Stolen Passwords From Gmail, Instagram, More Exposes Malware's Reach

A security researcher uncovered an exposed online database that was stockpiling user information likely collected via malware ...

149 Million Usernames and Passwords Exposed by Unsecured Database

This “dream wish list for criminals” includes millions of Gmail, Facebook, banking logins, and more. The researcher who discovered it suspects they were collected using infostealing malware.
GitHub

cdg1921/dify_annotation_and_analysis

本项目为开源项目DIFY源码注释与解析(源码链接),以帮助更多的同学学习和理解DIFY源码,以便更快地进行二次开发和优化 ...
The Hacker News

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
Macworld

These iPhone AI apps expose your data, and they’re all over the App Store

The Firehound Project is a public registry that hunts down AI apps that expose user data—and there are a ton of them.

I tried vibe coding an app as a beginner - here's what Cursor and Replit taught me

I tried four vibe-coding tools, including Cursor and Replit, with no coding background. Here's what worked (and what didn't).