Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Cisco SD-WAN zero-day CVE-2026-20245 was exploited months before disclosure: Mandiant reveals how a malicious CSV file ...

AWS has introduced Lambda MicroVMs, built on its Firecracker virtual machine monitor, which can run isolated Linux containers ...

Microsoft Threat Intelligence discovered that Anthropic’s Claude Code GitHub Action could expose CI/CD workflow secrets when AI agents process untrusted GitHub content, including issue bodies, pull ...

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM tools never tracked.

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is inspired by previous implant designs in this area, notably the works of Jeff ...

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP). The agency has added the ...

Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts ...

Several vulnerabilities can be chained together to remotely register rogue printers and execute commands as root on many Linux systems. A security researcher has developed an exploit that leverages ...