SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
CoinDesk

Private keys, not smart contracts, caused 40% of crypto's $16 billion hack losses. Here's whats being done.

The industry is moving toward fixing the private key vulnerability issue, just not evenly, Wish Wu, co-founder and CEO of ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
The Hacker News

Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks

Google links Turla to STOCKSTAY, a new .NET backdoor used in phishing attacks against Ukraine government and military targets ...
The Hacker News

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories

This week's ThreatsDay Bulletin covers curl flaws, a critical Hoppscotch bug, smart TV proxyware, macOS ClickFix attacks, ...
Naples Daily News

Two prolific Florida python hunters reveal their essentials for success

We caught up with two professional python hunters and asked them what are the "essentials" that help them be successful in ...

Customers Sue Madison Square Garden Over Hacking of 26 Million Records

Three class-action lawsuits accuse a hacking group of publishing data that included personal and corporate information stolen ...