Windows 10 KB5075039 Update Fixes Broken Recovery Environment
Microsoft released the KB5075039 Windows Recovery Environment (WinRE) update for Windows 10 to resolve a long‑standing issue that prevented the recovery environment from starting after installing the October 2025 update KB5068164. The new patch fixes WinRE so it can launch correctly, but users must ensure their WinRE partition is at least 256 MB in size; if not, they need to resize the partition (with backup recommended).

ClawJacked Attack: Malicious Websites Hijack OpenClaw AI Agent to Steal Data
OpenClaw, a popular self-hosted AI platform, suffered a high-severity “ClawJacked” vulnerability that allowed malicious websites to brute-force the local gateway login over WebSocket connections to localhost. The flaw bypassed rate limiting and auto-approved device pairings from the loopback address, enabling attackers to gain admin access, steal credentials, read logs, and execute commands on connected devices. Researchers demonstrated password cracking at hundreds of attempts per second, exposing even user-chosen passwords. OpenClaw fixed the issue in version 2026.2.26, released within 24 hours; users should update immediately to prevent hijacking.

QuickLens Chrome Extension Steals Crypto – A ClickFix Attack Revealed
The Chrome extension “QuickLens – Search Screen with Google Lens” was removed from the Chrome Web Store after a malicious update (v5.8) pushed malware that stole cryptocurrency and user data, including wallet seed phrases, credentials, and sensitive form information. The update stripped security headers, injected scripts via a command-and-control server, and displayed fake “Google Update” prompts leading to ClickFix attacks that downloaded an executable named googleupdate.exe. Users who installed the extension should uninstall it, scan for malware, reset passwords, and move crypto funds to new wallets. Chrome now automatically disables the extension for affected users.

Previously harmless Google API keys now expose Gemini AI data
Google’s new Gemini AI has turned previously harmless public Google API keys into powerful access points for the AI assistant, allowing attackers to read private data and incur high usage costs. TruffleSecurity uncovered nearly 3,000 exposed keys across many sites, including major firms, and warned that these keys can be used to call Gemini’s API and exploit its paid services. After reporting the issue, Google classified it as a privilege escalation flaw, implemented proactive blocking of leaked keys from accessing Gemini, and advised developers to audit and rotate any publicly exposed keys immediately.

1Campaign platform helps malicious Google ads evade detection
A new cybercrime tool called 1Campaign lets attackers run malicious Google ads that pass the platform’s automated checks and stay online for long periods while hiding from security scanners. The cloaking service filters visitors in real time—only showing phishing or crypto‑drainer pages to genuine users, blocking traffic from cloud providers, VPNs, and other suspicious sources—and allows operators to target specific regions, ISPs, and device types. By manipulating browser fingerprints and routing through a diverse IP pool, the platform evades static URL scanning and can impersonate legitimate brands in ads, making it difficult for security researchers to detect and stop these malicious campaigns.

Microsoft Adds Copilot Data Controls to All Storage Locations
Microsoft is expanding its data‑loss prevention controls to block the Microsoft 365 Copilot AI assistant from processing confidential Word, Excel and PowerPoint documents regardless of where they are stored—whether on local devices or in SharePoint/OneDrive. The update will be deployed through the Augmentation Loop (AugLoop) Office component between late March and late April 2026, automatically enabling the restriction for organizations that already have DLP policies set to block Copilot from handling sensitivity‑labeled content. This change follows a bug that had allowed Copilot to summarize confidential emails in users’ Sent Items and Drafts folders despite active DLP protections.

Microsoft says bug in classic Outlook hides the mouse pointer
Microsoft has confirmed a bug in the classic Outlook desktop client that causes the mouse pointer to disappear while users navigate the interface, making the app unusable for some. The issue, which also affects other Microsoft 365 apps like OneNote, was first reported online nearly two months ago. Microsoft is investigating and advising affected users to open a support case with their M365 administrator and submit diagnostic logs. While no permanent fix timeline has been released, three temporary workarounds are available: clicking an email in the message list, switching to PowerPoint and back, or restarting the computer. The Outlook team will provide updates as more information becomes available.