Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as ...

After fighting malware for decades, this cybersecurity veteran is now hacking drones

Mikko Hyppönen is one of the most recognizable faces of the cybersecurity industry. After fighting computer viruses, worms, ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
fern on MSN

Iran’s nuclear site was sealed off from the world - then the sabotage started from inside

Iran’s nuclear facility at Natanz was supposed to be beyond reach: buried underground, disconnected from the internet, and ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

AI Just Hacked One Of The World's Most Secure Operating Systems

An AI agent just autonomously exploited a FreeBSD kernel vulnerability in four hours, signaling a fundamental shift in the ...
PCMag

Anthropic Issues Copyright Takedowns to Scrub Claude Code Leak

Anthropic is trying to remove details about its coding agent from GitHub, but programmers are converting the code into ...
SecurityWeek

CrewAI Vulnerabilities Expose Devices to Hacking

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

Major compromise of the telnyx PyPI library could put millions of users at risk

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...
Infosecurity Magazine

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
Hackaday

This Week In Security: Second Verse, Worse Than The First

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...