Elektor Magazine

Wi-Fi-Based Person Detection on an ESP32: When Your Router Becomes a Motion Sensor

Can an ESP32 detect people without cameras or motion sensors? Discover how Wi-Fi signal disturbances, CSI, and smart DSP enable real-time occupancy and mov ...
LinkedIn

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago — the same old ...
cryptopolitan

Brazilian trojan hijacks WhatsApp to spread crypto phishing

TCLBANKER is a Brazilian banking trojan that monitors 59 banking and crypto domains. The malware spreads by hijacking victims’ WhatsApp Web sessions and Outlook accounts to send phishing messages to ...
Visual Studio Magazine

Hands On with OpenClaw Node for VS Code: Real Workflow, Real Friction

OpenClaw Node for VS Code really can read workspace files, apply instructions from a local skill file, and write results back through the VS Code API sandbox. On Windows, the path to that result is ...
theregister

OpenClaw patches one-click RCE as security Whac-A-Mole continues

Security issues continue to pervade the OpenClaw ecosystem, formerly known as ClawdBot then Moltbot, as multiple projects patch bot takeover and remote code execution (RCE) exploits. The initial hype ...
The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow remote code execution (RCE) through a crafted malicious link. The issue, ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple ...
InfoWorld

Spring Boot tutorial: Get started with Spring Boot

Spring Boot is one of the most popular and accessible web development frameworks in the world. Find out what it’s about, with this quick guide to web development with Spring Boot. Spring’s most ...
Bleeping Computer

PhantomRaven attack floods npm with credential-stealing packages

An active campaign named ‘PhantomRaven’ is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials. The activity started in ...
GitHub

Node-API addon for writing high-performance multi-threaded WebSocket servers.

WebSocket connections are accepted and managed by WarpSocket's multi-threaded Rust code. Incoming WebSocket messages (and other events) are handed off to JavaScript callback methods, allowing you to ...
GitHub

Cap'n Web: A JavaScript-native RPC system

Cap'n Web is a spiritual sibling to Cap'n Proto (and is created by the same author), but designed to play nice in the web stack. That means: Cap'n Web is more expressive than almost every other RPC ...
cryptopolitan

Cryptojacking hits markets, Monero miner malware targets 3,500+ sites

Researchers report that over 3,500 websites have been compromised by stealthy JavaScript malware mining Monero without user consent. The malware uses obfuscated code, Web Workers, and WebSocket ...