Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
Google links Turla to STOCKSTAY, a new .NET backdoor used in phishing attacks against Ukraine government and military targets ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
一部の結果でアクセス不可の可能性があるため、非表示になっています。
アクセス不可の結果を表示する