Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as ...

Device code phishing attacks surge 37x as new kits spread online

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year.
CSO Online

Security lapse lets researchers see React2Shell hackers’ dashboard

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The Quizlet flashcards, which WIRED found through basic Google searches, seem to include sensitive information about gate ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
GameSpot

Call Of Duty Gets Anti-Cheat Upgrades And New 2FA Requirements For Season 3

Season 3 of Call of Duty: Black Ops 7 and Warzone is loaded with new content across all modes, and the big update also comes ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
WinBuzzer

Claude Code Source Leak Exposes Anti-Distillation Traps

Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Mint

Shoppers stop and scan: How a simple QR code will help fight overcharging at retail outlets

NEW DELHI: Consumers will soon be able to check whether a shop is compliant with weights and measures or pricing norms by simply scanning a QR code at the outlet. The Centre is preparing to make quick ...