SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Add Decrypt as your preferred source to see more of our stories on Google. Microsoft researchers found that Anthropic's Claude Code GitHub Action could be manipulated through prompt injection attacks.
Game Rant

Safe Codes and Door Codes in 007 First Light

Jake Fillery is an Evergreen Editor for GameRant who has been writing lists, guides, and reviews since 2022. With thousands of engaging articles and guides, Jake loves conversations surrounding all ...
Bleeping Computer

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. The content management system (CMS) project published a PSA on May ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
DrBicuspid

Coding the digital workflow: CDT codes for 3D printing and scanning

It's true that 3D printers are not yet the standard of care, but the future is near. According to recent research, the dental 3D printing market in the U.S. is expected to grow at a compound annual ...
InfoQ

GitHub Expands Secret Scanning with General Availability of MCP Server Integration

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
VentureBeat

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

Just two months ago, researchers at the Data Intelligence Lab at the University of Hong Kong introduced CLI-Anything, a new state-of-the-art tool that analyzes any repo’s source code and generates a ...
Infosecurity-magazine.com

Anthropic Rolls Out Claude Security for AI Vulnerability Scanning

Anthropic has launched Claude Security in public beta to its Claude Enterprise customers. Previously known as Claude Code Security, the cybersecurity tool is built on Anthropic’s latest generally ...
Ars Technica

Microsoft open-sources “the earliest DOS source code discovered to date”

Several times in the last couple of decades, Microsoft has released source code for the original MS-DOS operating system that kicked off its decades-long dominance of consumer PCs. This week, the ...
Dark Reading

Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug

With a hunch, and an hour of AI-assisted scanning, cybersecurity researchers identified and then figured out how to exploit a nine-year-old root escalation vulnerability affecting every Linux build ...