Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...
Microsoft

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of ...
Dark Reading

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

Chaotic Eclipse' released a PoC exploit for a zero-day flaw that allows for system takeover by a local user, citing an ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
InfoWorld

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

These security risks, Greyhound Research chief analyst Sanchit Vir Gogia said, will force enterprises to change their ...