Seorang pembeli di Hong Kong kehilangan HK$1.23 juta setelah mengirim 80 kali transfer kepada penipu yang menyamar sebagai penjual laptop selama 30 hari. Sebagian pembayaran dilakukan melalui ATM Bitcoin, sehingga peluang pemulihan dana dinilai kecil karena transaksi kripto bersifat tidak dapat dibatalkan. Polisi menilai korban terus membayar karena terjebak “sunk cost fallacy”, di mana tiap biaya baru terasa seperti langkah terakhir untuk mendapatkan kembali uang yang sudah terlanjur dikirim.

MetaMask opened early access to its Agent Wallet on June 8, 2026, enabling AI agents to transact onchain across 10 supported networks. The CLI-based wallet lets users set spend caps, choose approved networks and protocols, and requires 2FA approvals when actions break rules or are flagged as malicious.

OpenAI is preparing its largest ChatGPT revamp since 2022, aiming to turn the chatbot into a superapp that bundles coding tools, AI agents, and third-party integrations. The rollout is expected to surface on the web and mobile apps in the coming weeks as the company looks to convert a nearly 1 billion mostly free weekly user base into paid usage, helped by Codex’s more than 5 million weekly active users.

Reaper, a macOS infostealer, is spreading via fake download pages impersonating apps such as WeChat and Miro, then using Script Editor to execute hidden AppleScript. It targets desktop wallet software including Ledger Live, Trezor Suite, and Exodus, while also stealing browser passwords and sensitive files. Victims are prompted by a fake Apple security update dialog to enter their Mac password before data theft begins.

OpenAI has begun rolling out an optional Lockdown Mode across ChatGPT account tiers, aiming to reduce data exfiltration risk tied to prompt-injection scenarios. The setting blocks live web browsing and other external connections, while rollout is gradual for eligible Free, Go, Plus, Pro, and self-serve Business users.

Wiz reported on May 27, 2026 that a threat group it tracks as JINX-0164 has been approaching crypto developers on LinkedIn and luring them into fake meeting links that install macOS malware. The campaign is designed to steal credentials and take over CI/CD pipelines, and it includes a confirmed supply-chain incident involving a trojanized npm package version released on April 7, 2026.

A Rust-based infostealer dubbed IronWorm was embedded in 36 npm packages connected to the Arweave/WeaveDB ecosystem, targeting developer credentials, SSH keys, and Exodus wallet files. The malware ran via a preinstall hook during npm install, searched 86 environment variables and 20 credential files, and used stolen GitHub tokens to spread through malicious commits. Security researchers advised anyone who installed the affected packages to rotate exposed secrets and harden npm/GitHub accounts.

Meta introduced an AI business agent for WhatsApp, Instagram, and Messenger at its Conversations conference in London on Wednesday. The tool can answer customer questions, qualify leads, complete bookings, and process payments, and it is free at launch with paid tiers planned later.

Unitree Robotics received approval from the Shanghai Stock Exchange on Monday to move forward with a STAR Market IPO, targeting 4.2 billion yuan (about $616 million) to fund robot R&D and manufacturing expansion. In the same week, Nvidia said it will use Unitree’s G1 humanoid robot as the hardware base for its Isaac GR00T research platform aimed at universities and labs.