SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Windows Report

Mozilla Warns Clean GitHub Repositories Can Trick Claude Code Into Running Malware

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
Tom's Hardware on MSN

AI coding agents can be tricked into installing malware via 'clean' GitHub repositories

Three levels of indirection, all with seemingly innocuous steps, will catch a bot off-guard.
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Customers Sue Madison Square Garden Over Hacking of 26 Million Records

Three class-action lawsuits accuse a hacking group of publishing data that included personal and corporate information stolen ...
GMA Network

DICT probing into reported hacking of House website

Make this your preferred source to get more updates from this publisher on Google. The Department of Information and Communications Technology (DICT) is investigating the reported hacking of the House ...
CBS News

Iran-linked group claims hack of FBI drones, threatens World Cup, monitor says

An Iran-linked hacker group claims to have breached FBI drones and has threatened to target the World Cup that kicked off on Thursday, a monitoring group said Friday. The SITE Intelligence Group, an ...
Hosted on MSN

BeamMP hack reported as Discord compromised, website taken offline

The popular BeamNG.drive multiplayer mod BeamMP has been hit by a major security breach, with its Discord server compromised and core services temporarily taken offline. BeamNG.Drive is quite popular ...
TechCrunch

Kash Patel’s clothing brand website shut down after reports it was hacked

The merchandise website of FBI director Kash Patel was taken offline on Friday after reports that it had been hijacked by hackers trying to infect visitors with malware, as first reported by Straight ...
The Hacker News

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal ...
Nature

GEMDAT: a Python toolkit for site-resolved diffusion analysis in solid-state molecular dynamics

Molecular dynamics (MD) simulations have become essential for understanding diffusion mechanisms in solid-state materials such as ionic conductors, fuel cells, and gas sensors, yet most existing ...
CNN

Data stolen in Canvas hack that hit thousands of schools has been returned, company says

Data stolen in a cyberattack that shut down an education platform used by universities and K-12 schools across the US last week has been returned to the platform’s parent company, Instructure, ...