Obscure MCP API in Comet Browser Breaches User Trust, Enabling Full Device Control via AI Browsers

SquareX released critical research exposing a hidden API in Comet that allows extensions in the AI Browser to execute local commands and gain full control over users' devices. The research reveals ...
The Hacker News

âš¡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More

Fortinet CVE exploited, China-linked AI attacks exposed, PhaaS platform dismantled, and fake crypto apps deploy RATs. Catch this week’s top threats.