SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Decrypt

This AI Agent Survived 6,000 Hack Attempts—Here’s How

Developer Fernando Irarrázaval's AI agent experiment drew over 6,000 hack attempts from more than 2,000 attackers. No one ...
PCMag

LastPass Breached Once Again, Hackers Gain Access to Sensitive Customer Data

Though the breach occurred at a third-party service provider, hackers used that access to steal LastPass customers' contact ...

Customers Sue Madison Square Garden Over Hacking of 26 Million Records

Three class-action lawsuits accuse a hacking group of publishing data that included personal and corporate information stolen ...

OpenAI's new GPT-5.5-Cyber tops Claude Mythos 5 in vulnerability benchmark0 0

OpenAI is rolling out the full, limited-release version of GPT-5.5-Cyber—a specialized AI model that outperforms its ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
GitHub

Powershell-RAT

Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment. This RAT will help someone during red team engagements to backdoor any Windows machines. It tracks the user activity ...