Dark Reading

Glasswing Secured the Code. The Rest of Your Stack Is Still on You

When Anthropic announced Project Glasswing this month, most coverage landed on the headline numbers: a 27-year-old OpenBSD vulnerability, a 16-year-old FFmpeg flaw, a Linux kernel exploit chain ...
TechCrunch

Hackers are abusing unpatched Windows security flaws to hack into organizations

Hackers have broken into at least one organization using Windows vulnerabilities published online by a disgruntled security researcher over the last two weeks, according to a cybersecurity firm. On ...
Forbes

Microsoft Confirms New And Widespread 2FA Code Attacks Ongoing

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
Wall Street Journal

Gulf Countries Report Attacks After Cease-Fire Announcement

Gulf countries including Kuwait, Qatar and the United Arab Emirates have reported missile attacks in the nearly two hours since President Trump announced a conditional cease-fire. Kuwait and the U.A.E ...
Bleeping Computer

Device code phishing attacks surge 37x as new kits spread online

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year. In this type of attack, the threat actor sends a ...
VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
Business Insider

A 4 a.m. scramble turned Anthropic's leak into a 'workflow revelation'

Coders have had a field day weeding through the treasures in the Claude Code leak. "It has turned into a massive sharing party," said Sigrid Jin, who created the Python edition, Claw Code. Here's how ...
Forbes

What Anthropic’s Leak Means For The Coming Wave Of ‘Dark Code’

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. The leak, triggered by a human error, exposed 500,000 lines of source code of Anthropic’s ...
Bleeping Computer

New EvilTokens service fuels Microsoft device code phishing attacks

A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced features for business email compromise attacks.
Ars Technica

Here’s what that Claude Code source leak reveals about Anthropic’s plans

Yesterday’s surprise leak of the source code for Anthropic’s Claude Code revealed a lot about the vibe-coding scaffolding the company has built around its proprietary Claude model. But observers ...
Gizmodo

Source Code for Anthropic’s Claude Code Leaks at the Exact Wrong Time

Anthropic just cannot keep a lid on its business. After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and blog posts in a publicly ...
CBS News

Estonia and Latvia say drones hit their NATO territory as Ukraine and Russia traded attacks

Kyiv — NATO members Estonia and Latvia said stray drones entered their territory Wednesday morning on the heels of one of Russia's biggest daytime drone attacks on Ukraine since Vladimir Putin ...