Bleeping Computer

OpenAI rotates macOS certs after Axios attack hit code-signing workflow

OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious Axios package during a recent supply chain attack. The company said that on ...
Forbes

Microsoft Confirms New And Widespread 2FA Code Attacks Ongoing

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
CSOonline

Claude Code is still vulnerable to an attack Anthropic has already fixed

Adversa outlined how attackers might exploit the vulnerability by distributing a legitimate-looking code repository containing a poisoned CLAUDE.md file. This would contain instructions for Claude ...
VentureBeat

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Every enterprise running AI coding agents has just lost a layer of defense. On March 31, Anthropic accidentally shipped a 59.8 MB source map file inside version 2.1. ...
9to5google

Anthropic’s leaked Claude code was an internal error, not an attack

Claude’s source code was mistakenly published by Anthropic in the middle of the night, and users have already begun recreating pieces of the internal AI interface leak for their own use. Anthropic has ...
Homeland Security Today

Al-Qaeda in the Arabian Peninsula’s Latest ‘Inspire Guide’ Glorifies Bondi Beach Attack

Deriving lessons from the attack for those who seek to emulate it, the Inspire Guide notes that the attackers “planned the attack with precision for months,” stressing that “preparing spiritually, ...
VentureBeat

Claude Code's source code appears to have leaked: here's what we know

VentureBeat made with Google Gemini 3.1 Pro Image Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude ...
InfoWorld

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise. A newly disclosed malware strain dubbed ...
New York Post

Ruth’s Chris gets schooled by Chili’s in viral dress code feud online

The exchange unfolded on X, where Chili’s responded to a post highlighting Ruth’s Chris Steak House’s “business casual” policy, which requires guests to wear what the company describes as “proper ...
Reuters

Exclusive: Iran attacks wipe out 17% of Qatar’s LNG capacity for up to five years, QatarEnergy CEO says

Will have to declare force majeure on LNG contracts for up to five years Some 12.8 million tons per year of LNG offline Means about $20 billion of lost annual revenue ExxonMobil holds stakes in ...
Infosecurity-magazine.com

'CursorJack’ Attack Path Exposes Code Execution Risk in AI Development Environment

A method that could enable code execution through manipulated installation links in an AI development environment has been identified by security researchers. The technique, dubbed CursorJack by ...
WTAE-TV

Pittsburgh police increase security among city's Jewish community after Michigan attack

PITTSBURGH ABOUT HOW THE COMMUNITY HERE IS REACTING. MOMENTS AFTER THAT ATTACK ON A SYNAGOGUE THURSDAY IN MICHIGAN, THE JEWISH FEDERATION OF GREATER PITTSBURGH GOT A CALL FROM PITTSBURGH’S MAYOR, ...