Edge users beware — this malicious extension can break out of the sandbox and install ransomware

Researchers from Zscaler found a new malware campaign dubbed Edgecution.
The Hacker News

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents

AIR says its fake AI skill passed scanner checks by using a mutable external link, exposing a blind spot in agent skill ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

AI tools that help students cheat are multiplying, and the detectors can’t keep up

A wave of new apps is helping students slip AI written homework past teachers undetected. Even companies selling AI detection tools are tangled up in the same problem.