ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
DirtyClone, tracked as CVE-2026-43503, is a Linux kernel vulnerability that allows any local user to gain root privileges.
A Connecticut man faces up to 10 years in prison for allegedly selling Windows 2000 and Windows NT source code stolen from a ...
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub ...
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
GPT-5.6 was already running in Codex for some users before OpenAI’s government-approved preview opened to partners. A ...
The gold rush of desktop AI tools has made it incredibly easy to download rogue software or fall victim to supply chain ...
This project is no longer maintained and is deprecated. As of March 16, 2026, this repository has been archived. It is now read-only, and no further updates, security patches, or support will be ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results