SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update

Adobe Acrobat and Reader users are under attack from hackers using a zero-day vulnerability. Update within 72 hours, Adobe ...
The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
SecurityWeek

Critical Marimo Flaw Exploited Hours After Public Disclosure

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...
The Hacker News

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...
Dark Reading

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

An emerging threat cluster is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to steal credentials ...
CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...
XDA Developers on MSN

I connected Claude Code to my home server through MCP, and now I manage my entire lab by talking to it

The homelab that talks back.

Report: Cybercriminals steal source code from Cisco and its customers

After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...