InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...
Dark Reading

AI-Assisted Supply Chain Attack Targets GitHub

PRT-scan is the second in recent months where a threat actor appears to have leveraged AI for automated targeting of a widespread GitHub misconfiguration.

North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making

North Korean hackers pushed out malicious updates to a popular open source project by hacking a top developer's computer in a ...
CSO Online

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
The Next Web

Keeper Security brings zero-trust database access to its PAM platform with KeeperDB

KeeperDB integrates database access into a zero-trust PAM platform, reducing credential sprawl and improving security, ...
InfoWorld

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...