#rumors-and-leaks
#rumors-and-leaks

fromTech Times

40 minutes ago

LinkedIn 'BrowserGate' Investigation Alleges Secret Browser Extension Scanning Within Platform

LinkedIn allegedly collects extensive user data through a hidden system called 'Spectroscopy' without explicit user consent.

fromTNW | Insights

19 hours ago

LinkedIn secretly scans 6,000+ browser extensions and fingerprints your device

LinkedIn's hidden JavaScript routine collects extensive user data without disclosure, raising concerns about covert surveillance practices.

fromTech Times

40 minutes ago

LinkedIn 'BrowserGate' Investigation Alleges Secret Browser Extension Scanning Within Platform

LinkedIn allegedly collects extensive user data through a hidden system called 'Spectroscopy' without explicit user consent.

fromTNW | Insights

19 hours ago

LinkedIn secretly scans 6,000+ browser extensions and fingerprints your device

LinkedIn's hidden JavaScript routine collects extensive user data without disclosure, raising concerns about covert surveillance practices.

more#linkedin

Social media marketing

1 hour ago

It started with a tip-off': how a Guardian investigation exposed child sex trafficking on Facebook and Instagram

Child sexual abuse trafficking surged during the pandemic, with platforms like Facebook and Instagram being exploited for these crimes.

#claude-code

7 hours ago

Software development

Claude Code's innards revealed as source code leaked online

Software development

Here's what that Claude Code source leak reveals about Anthropic's plans

The leak of Anthropic's Claude Code reveals potential future features, including a persistent memory system and an AI 'dream' process for memory consolidation.

fromTechzine Global

Claude Code leak exposes many of Anthropic's secrets

A leak of Claude Code's source code reveals significant details about its features and future plans, despite Anthropic's usual secrecy.

Claude Code's source reveals extent of system access

Claude Code has significant control over devices, raising concerns about data retention and potential misuse in sensitive environments.

7 hours ago

Software development

Claude Code's innards revealed as source code leaked online

Software development

Here's what that Claude Code source leak reveals about Anthropic's plans

The leak of Anthropic's Claude Code reveals potential future features, including a persistent memory system and an AI 'dream' process for memory consolidation.

fromTechzine Global

Claude Code leak exposes many of Anthropic's secrets

A leak of Claude Code's source code reveals significant details about its features and future plans, despite Anthropic's usual secrecy.

fromTNW | Corporates-Innovation

Claude Code's source reveals extent of system access

Claude Code has significant control over devices, raising concerns about data retention and potential misuse in sensitive environments.

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

Information security

Meta freezes AI data work after breach puts training secrets at risk

Information security

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

fromnews.bitcoin.com

3 hours ago

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

fromTNW | Corporates-Innovation

Meta freezes AI data work after breach puts training secrets at risk

Meta has suspended collaboration with Mercor after a cyberattack exposed sensitive AI training methodologies and personal data.

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.

CBP facility codes sure seem to have leaked via online flashcards

Immigration offenses and internal systems of CBP are detailed in flashcards, highlighting procedures and responsibilities of agents.

Social media is turning into a freak show

Social media's influence on content quality and publisher success has led to a crisis in foreign policy and political communication.

Digital life

fromExchangewire

Regulating Social Media: Where do we go from here?

Social media platforms are designed for addiction, prompting global legislative actions to restrict children's access.

fromMuse by Clios | Discover the latest creative marketing and advertising news. Muse by Clio is the premier news site covering creativity in advertising and beyond.

2 Rough Social Media Rulings Could Actually Improve the Platforms | Muse by Clios

Recent jury verdicts against Meta and YouTube signal a shift in accountability for social media platforms regarding child safety and mental health.

fromwww.socialmediatoday.com

70% of teens in Australia still access social media despite bans

Australia's social media ban for under-16s has led to millions of accounts being removed, but many children still access these platforms.

fromDallas News

Finally, social media companies are being held accountable

A California jury found Meta and Google liable for a young user's mental health distress, shifting focus to platform design and algorithms.

Media industry

fromNatesilver

9 hours ago

Social media is turning into a freak show

Social media's influence on content quality and publisher success has led to a crisis in foreign policy and political communication.

Digital life

fromExchangewire

Regulating Social Media: Where do we go from here?

Social media platforms are designed for addiction, prompting global legislative actions to restrict children's access.

fromMuse by Clios | Discover the latest creative marketing and advertising news. Muse by Clio is the premier news site covering creativity in advertising and beyond.

2 Rough Social Media Rulings Could Actually Improve the Platforms | Muse by Clios

Recent jury verdicts against Meta and YouTube signal a shift in accountability for social media platforms regarding child safety and mental health.

fromwww.socialmediatoday.com

70% of teens in Australia still access social media despite bans

Australia's social media ban for under-16s has led to millions of accounts being removed, but many children still access these platforms.

fromDallas News

Finally, social media companies are being held accountable

A California jury found Meta and Google liable for a young user's mental health distress, shifting focus to platform design and algorithms.

Compliance startup Delve removed from Y Combinator portfolio after anonymous whistleblower posts spark investor exodus - Silicon Canals

Delve has been removed from Y Combinator's portfolio due to serious allegations regarding its business practices and compliance misrepresentation.

Venture

Delve whistleblower strikes again, with alleged receipts about 'fake compliance' | TechCrunch

European startups

fromSilicon Canals

Compliance startup Delve removed from Y Combinator portfolio after anonymous whistleblower posts spark investor exodus - Silicon Canals

Delve has been removed from Y Combinator's portfolio due to serious allegations regarding its business practices and compliance misrepresentation.

fromwww.businessinsider.com

Venture

Delve whistleblower strikes again, with alleged receipts about 'fake compliance' | TechCrunch

The Facebook insider building content moderation for the AI era | TechCrunch

Brett Levenson advocates for 'policy as code' to improve content moderation at Facebook, addressing deeper issues beyond technology.

#meta

Privacy professionals

Meta paused its work with AI training startup Mercor after a data breach

Tech industry

fromwww.npr.org

What's next for Meta in the wake of trial losses and layoffs?

Meta faces significant challenges with legal rulings and a shift in focus from the Metaverse to artificial intelligence.

fromWIRED

fromElectronic Frontier Foundation

Information security

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Privacy professionals

Weakening Speech Protections Will Punish All of Us-Not Just Meta

fromwww.businessinsider.com

Meta paused its work with AI training startup Mercor after a data breach

Meta has paused its collaboration with Mercor following a data breach at the AI training startup.

Tech industry

fromwww.npr.org

What's next for Meta in the wake of trial losses and layoffs?

Meta faces significant challenges with legal rulings and a shift in focus from the Metaverse to artificial intelligence.

fromWIRED

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

fromElectronic Frontier Foundation

Weakening Speech Protections Will Punish All of Us-Not Just Meta

Meta and YouTube face legal challenges, but lowering First Amendment protections could harm user speech rights.

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

Information security

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

Information security

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Information security

TrueConf Zero-Day Exploited in Asian Government Attacks

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

A targeted social engineering campaign by North Korean actors led to a supply chain compromise of the Axios npm package.

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

Mikko Hyppönen emphasizes the invisible nature of cybersecurity work, comparing it to Tetris where successes vanish and failures accumulate.

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

TA416 has intensified cyberattacks on European government and diplomatic organizations since mid-2025, utilizing advanced malware delivery techniques.

TrueConf Zero-Day Exploited in Asian Government Attacks

Chinese hackers exploited a zero-day vulnerability in TrueConf software to attack government entities in Asia, allowing execution of malicious code.

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

A targeted social engineering campaign by North Korean actors led to a supply chain compromise of the Axios npm package.

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.

more#cybersecurity

World news

fromThe Washington Post

Chinese firms market Iran war intelligence 'exposing' U.S. forces

Chinese firms are leveraging AI and open-source data to track U.S. military movements, posing potential security risks amid the Iran conflict.

Six great reads: the OnlyFans legacy, stolen cargo and Meta's creepy' glasses

Leonid Radvinsky's death leaves a void in the leadership of OnlyFans, a platform that has transformed the adult content landscape. His secretive management style and the controversies surrounding the site have raised questions about its future direction and stability.

Photography

#ai-ethics

fromComputerworld

fromwww.scientificamerican.com

Why AI lies, cheats and steals

AI chatbots are increasingly misbehaving, with a fivefold rise in unethical actions over six months, according to recent research.

Artificial intelligence

Anthropic leak reveals Claude Code tracking user frustration and raises new questions about AI privacy

Anthropic's leaked code reveals AI tools conceal their role in generated work and measure user frustration without transparency.

fromComputerworld

Why AI lies, cheats and steals

AI chatbots are increasingly misbehaving, with a fivefold rise in unethical actions over six months, according to recent research.

fromwww.scientificamerican.com

Anthropic leak reveals Claude Code tracking user frustration and raises new questions about AI privacy

Anthropic's leaked code reveals AI tools conceal their role in generated work and measure user frustration without transparency.

more#ai-ethics

Deliverability

fromIrish Independent

Public warned to 'ignore' scam email claiming to be from Garda Commissioner accusing them of serious crimes

A phishing email impersonating An Garda Síochána threatens recipients with serious legal consequences if they do not respond within 24 hours.

Apple

fromMail Online

Apple issues warning to iPhone users over stealthy attack: Act NOW

Apple has released critical iOS updates to protect against the DarkSword cyberattack method targeting vulnerable devices.

Marketing

fromEntrepreneur

How to Navigate Brand Authenticity in the Age of AI Slop

Originality and authenticity in content are essential for brands to stand out in a saturated market dominated by low-quality AI-generated content.

Prediction markets have sparked a golden age of insider trading-but the party may be coming to an end | Fortune

Insider trading in prediction markets has surged, raising concerns about unethical betting practices and lack of regulatory oversight.

New top federal enforcer has his sights set on ending insider trading on prediction markets | Fortune

Curbing insider trading on prediction markets is a top priority for the Commodity Futures Trading Commission.

US Elections

Prediction markets have sparked a golden age of insider trading-but the party may be coming to an end | Fortune

Insider trading in prediction markets has surged, raising concerns about unethical betting practices and lack of regulatory oversight.

New top federal enforcer has his sights set on ending insider trading on prediction markets | Fortune

Curbing insider trading on prediction markets is a top priority for the Commodity Futures Trading Commission.

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

DevOps

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

Brooklyn

PREMIUM Is Your Phone Spying on You? Nah. It Doesn't Have To.

EU data protection

fromAdExchanger

Data Privacy At The Kitchen Table | AdExchanger

Data privacy has become a significant concern for lawmakers and constituents, evolving into a key topic of discussion.

fromenglish.elpais.com

This is how the illegal market for buying and selling personal data on Telegram works

Illicit data markets on Telegram in Latin America expose personal data, contributing to gender-based violence and highlighting vulnerabilities in government data management.

fromBrooklyn Eagle

Brooklyn

PREMIUM Is Your Phone Spying on You? Nah. It Doesn't Have To.

EU data protection

fromAdExchanger

Data Privacy At The Kitchen Table | AdExchanger

Data privacy has become a significant concern for lawmakers and constituents, evolving into a key topic of discussion.

fromenglish.elpais.com

This is how the illegal market for buying and selling personal data on Telegram works

Illicit data markets on Telegram in Latin America expose personal data, contributing to gender-based violence and highlighting vulnerabilities in government data management.

Intellectual property law

Anthropic Suddenly Cares Intensely About Intellectual Property After Realizing With Horror That It Accidentally Leaked Claude's Source Code

fromComputerWeekly.com

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

fromEntrepreneur

Intellectual property law

Artificial intelligence

Anthropic Accidentally Leaked Its Own Claude Code. Now the Company Is Scrambling to Contain the Damage.

fromFuturism

Anthropic Suddenly Cares Intensely About Intellectual Property After Realizing With Horror That It Accidentally Leaked Claude's Source Code

Anthropic's copyright takedown request for its AI model's source code highlights hypocrisy in its stance on copyright laws.

fromComputerWeekly.com

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

fromEntrepreneur

Anthropic Accidentally Leaked Its Own Claude Code. Now the Company Is Scrambling to Contain the Damage.

Anthropic accidentally exposed proprietary instructions for Claude Code, enabling competitors to replicate its features without reverse-engineering.

Prediction markets caught insider traders in real time. Congress wants to shut them down anyway | Fortune

Prediction markets expose insider trading issues, offering transparency through blockchain technology, and should not be banned by legislation.

fromThe Verge

Cryptocurrency

Fake or real, the "inside traders" on Polymarket are great engagement bait

Cryptocurrency

Prediction markets caught insider traders in real time. Congress wants to shut them down anyway | Fortune

Prediction markets expose insider trading issues, offering transparency through blockchain technology, and should not be banned by legislation.

fromThe Verge

Cryptocurrency

Fake or real, the "inside traders" on Polymarket are great engagement bait

more#prediction-markets

The State of Trusted Open Source Report

AI is reshaping software development and security, influencing container image usage and vulnerability management.

Software development

Internet Bug Bounty program hits pause on payouts

Python

The State of Trusted Open Source Report

AI is reshaping software development and security, influencing container image usage and vulnerability management.

Software development

Internet Bug Bounty program hits pause on payouts

more#open-source

Tinder for Nazis' and the woman who hacked it - podcast

Martha Root, in disguise, hacked into WhiteDate, revealing a vast network of neo-Nazis who were actively seeking relationships based on their extremist beliefs.

NYC LGBT

Digital life

fromDigiday

In graphic detail: The long road to accountability for social media platforms

Big tech giants are now held accountable for harming children, marking a significant shift in social media regulation.

fromTNW | Data-Security

Hasbro hacked: Peppa Pig & Transformers owner warns of weeks of disruption

Hasbro disclosed unauthorized access to its systems, an intrusion first detected on 28 March that has since forced the company to take parts of its infrastructure offline and warn that product deliveries could be delayed for weeks.

London startup

Film

fromVulture

What the Heck Is Going On in the Back Room in Backrooms?

A24's horror film Backrooms features a furniture-store employee discovering endless, eerie back rooms filled with unsettling sights.

Remote teams

Security contractor blew the whistle on shabby support crew

Brad, a security contractor, faced challenges with antivirus alerts while working in a labor hire company's office without proper IT support.

fromThe Verge

Pinterest said he violated laid-off colleagues' privacy. Now he's going public

A former Pinterest engineer claims he was unjustly fired for sharing a tool that revealed employee layoffs.

Marketing tech

fromExchangewire

The Stack: AI Surges while Social Platforms Face Scrutiny

AI is growing rapidly, streaming models are evolving, and regulatory pressures on platforms are increasing globally.

fromTechRepublic

Intellectual property law

AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech - TechRepublic

Tech industry faces rapid AI advancements alongside significant security vulnerabilities and human costs.

fromAbove the Law

Deepfakes: A Problem In Search Of A Problem? - Above the Law

Deepfakes are not yet a significant issue in litigation, as evidenced by a lack of awareness among legal professionals.

Social media marketing

fromBGR

Instagram Finally Found A Premium Feature You Might Want - And It's A Little Creepy - BGR

Instagram is a major revenue source for Meta, generating $71 billion by 2025, and is testing a subscription service with new features.

Ex-Alex Jones employee reflects on job at Infowars: It was nonsense. It was lies'

Owens described how Infowars aimed to create a cinematic experience, stating, 'We would go out there, we would shoot videos like we were in the weeds, we were showing what was really going on. But it was nonsense. It was lies.'

Media industry

fromNextgov.com

Suspected Chinese breach of FBI system exposed surveillance targets' phone numbers

A breach linked to China exposed phone numbers of FBI surveillance targets, raising concerns about counterintelligence risks.

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.

Privacy professionals

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

18 hours ago

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.

Privacy professionals

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

more#cybercrime

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

Television

3 weeks ago

TV tonight: inside Facebook and Meta with ex-staff and whistleblowers

Social media algorithms profit from divisiveness and hate, with former Meta researchers exposing how platforms have prioritized engagement over user safety.

Software development

Anthropic leaks its own AI coding tool's source code in second major security breach | Fortune

Anthropic leaked the source code for Claude Code, exposing 500,000 lines of code due to a packaging error, raising cybersecurity concerns.

#data-breach

fromSilicon Canals

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

2 months ago

Information security

Dark Web Forum Breached, Hackers Exposed

fromSilicon Canals

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

2 months ago

Information security

Dark Web Forum Breached, Hackers Exposed

Is This The Beginning Of The End Of Big Social Media?

Gen Z faces addiction to social media, paralleling past cigarette use, with legal actions emerging against tech companies for harmful design practices.

fromNextgov.com

Old-school spycraft could make a comeback as AI undermines trust

AI may enhance intelligence gathering but also revive traditional espionage methods due to reliability issues with digital communications.

fromWIRED

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The public Quizlet set contained information about alleged codes for specific facility entrances. 'Checkpoint doors code?' asked one card, with a specific four-digit combination listed in response.

Privacy professionals

fromnews.bitcoin.com

SEC Warns Fake Officials Exploit Trust With Fraud Tactics Targeting Investors

Impersonation scams using SEC branding are increasing, exploiting investor trust through social media and text messages.

#whatsapp

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

WhatsApp alerted 200 users about a fake iOS app infected with spyware, primarily targeting users in Italy.

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.

Don't open that WhatsApp message, Microsoft warns

WhatsApp messages are being exploited to deliver malicious files that allow attackers to control victims' machines and access their data.

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

WhatsApp alerted 200 users about a fake iOS app infected with spyware, primarily targeting users in Italy.

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.

Don't open that WhatsApp message, Microsoft warns

WhatsApp messages are being exploited to deliver malicious files that allow attackers to control victims' machines and access their data.

Your phone isn't eavesdropping. The reality is stranger.

Most people believe phones listen to conversations for targeted ads, but research suggests the actual explanation is more complex and potentially more troubling than simple audio eavesdropping.

fromComputerworld

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.

Information security

FBI Warns of Data Security Risks From China-Made Mobile Apps

Foreign-developed mobile applications pose significant data security risks, particularly those from China, according to an FBI alert.

fromHer Campus

Who's Watching The Watchers? AI, Age Verification, And Online Privacy

Parents are increasingly concerned about children's exposure to harmful online content despite regulations like CIPA and platforms like YouTube Kids.

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.

Apple will hide your email address from apps and websites, but not cops | TechCrunch

Apple provided federal agents with identities of customers using its email privacy feature, revealing limitations in its privacy assurances.

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

fromDevOps.com

North Korean Hackers Suspected in Supply Chain Attack on Popular Axios Project - DevOps.com

North Korean hackers hijacked the npm account of an axios maintainer, publishing malicious versions that installed a remote access trojan.

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

fromDevOps.com

North Korean Hackers Suspected in Supply Chain Attack on Popular Axios Project - DevOps.com

North Korean hackers hijacked the npm account of an axios maintainer, publishing malicious versions that installed a remote access trojan.

Information security

Fake Claude Code source downloads actually delivered malware

Information security

Sophisticated CrystalX RAT Emerges

fromTechRepublic

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

fromTechRepublic

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.