InfoWorld

Open source maintainers are being targeted by AI agent as part of ‘reputation farming’

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...

Fake AI Chrome extensions with 300K users steal credentials, emails

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information.

The real story behind the 53% drop in SaaS AI traffic

AI traffic isn’t collapsing — it’s concentrating. Copilot surges in-workflow, 41% lands on search pages, and Q4 follows ...

JS文件里的秘密:500 万款 App 洞察,4.2 万个密钥裸奔

IT之家 2 月 18 日消息,网络安全公司 Intruder 上月发布报告,深度扫描全球 500 万款应用,发现超过 4.2 万个机密信息(Secrets)以明文形式暴露在 JavaScript 文件中。 IT之家援引博文介绍,本次报告目标重点排查隐藏在 JavaScript 打包文件中的机密信息,扫描生成的纯文本报告超过 100MB,共计发现超过 ...