The Hacker News

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.

Modern PDF platforms are becoming high-risk attack surfaces

Modern PDF platforms can now function as full attack gateways rather than passive document viewers.
SecurityWeek

Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and ...
InfoWorld

WebMCP API extends web apps to AI agents

W3C proposal backed by Google and Microsoft allows developers to expose client-side JavaScript tools to AI agents, enabling ...

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...
CSO Online

Open source maintainers being targeted by AI agent as part of ‘reputation farming’

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
Crude Oil Prices

API: Reviving Venezuela's Oil Sector Will Be Long, Multi-Billion Dollar Process

Oil industry executives have voiced that reviving Venezuela's oil production will be a long and costly process. Companies will need stable, legally defined frameworks, security for investments, and ...
Yahoo Finance

Foxit and Ingram Micro Expand Partnership into Canada, Giving Resellers Access to the Industry's Most Advanced Document Management Solutions

With Foxit now on the Ingram Micro Canada line card, resellers can offer end customers a complete suite of enterprise-grade solutions — including Foxit PDF Editor and eSign — packed with features that ...
VentureBeat

Why Google's new Interactions API is such a big deal for AI developers

For the last two years, the fundamental unit of generative AI development has been the "completion." You send a text prompt to a model, it sends text back, and the transaction ends. If you want to ...
CoinTelegraph

Binance hints at stock perps in push to join global tokenized equities race

Binance quietly rolled out API endpoints pointing to stock perpetual futures, potentially signaling a renewed push into stock trading after a failed 2021 launch. Crypto exchange Binance has added new ...
USA Today

PDF Editor Malware Risks: How Foxit & Files Editor Lead in Security and Support

Managing sensitive business documents online presents serious challenges, especially when using PDF editors. Many companies unknowingly expose themselves to malware, phishing, or insecure platforms ...