Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

「Codex」に開発者モード、Chrome DevTools Protocol(CDP)に接続、Web ...

米OpenAIは6月12日(日本時間)、「Codex」アプリに「開発者モード」(developer mode)を導入したと発表した。「Google Chrome」のブラウザー操作(Browser ...

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
TestingCatalog

ICYMI: OpenAI released CDP support for browser use on Codex

OpenAI’s Codex now gains controlled access to Chrome DevTools, letting it profile JavaScript and modify site elements in its in-app browser mode.

Norks blast 250+ fake job offers to developers over 6 weeks to try and snarf creds and crypto

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...
guardian.co.tt

Maxi operators want PH crackdown after Mercedez's murder

JavaScript is disabled in your web browser or browser is too old to support JavaScript. Today almost all web pages contain JavaScript, a scripting programming language that runs on visitor's web ...
Tech Times

Cloudflare Buys VoidZero: Vite’s 130M Weekly Users Get a New Vendor-Neutrality Pledge

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 million weekly downloads and default status in React Router, Nuxt, SvelteKit, ...
Crypto Briefing

Microsoft fixes severe VS Code vulnerability enabling GitHub token theft

Security researcher Ammar Askar disclosed a critical vulnerability in Visual Studio Code on June 2, 2026, revealing that attackers could steal GitHub OAuth tokens through a deceptively simple ...