Cybersecurity

NuGet campaign exfiltrated ASP.NET Identity data and created backdoors after amassing over 4,500 downloads.Separately, a malicious npm package, ambar-src, was downloaded over 50,000 times...

Former L3Harris manager Peter Williams sentenced to over seven years for stealing eight zero-day exploits and selling them to a Russian broker.The exploits, sold...

Anthropic identified three Chinese AI firms using over 24,000 fraudulent accounts for industrial-scale "distillation attacks" on its Claude model.The illicit campaigns generated over 16...

The Iranian state-sponsored hacking group MuddyWater has launched a new campaign called Operation Olalampo, deploying multiple new malware families.The group utilized AI-assisted development tools...

Anthropic has launched Claude Code Security, a new AI feature for scanning codebases and suggesting vulnerability patches.The capability is currently available in a limited...

The AI-powered Cline CLI npm package was compromised, leading to an unauthorized update that installed the OpenClaw AI agent on developer machines.The breach, attributed...

A Ukrainian national received a five-year U.S. prison sentence for operating an identity theft scheme that aided North Korean IT workers.The fraudulent operation funneled...

Security researchers have discovered PromptSpy, an advanced Android malware that abuses Google's Gemini AI for persistence and device control.The malware is designed to capture...