Adobe CC's WAM component silently adds a detect-ccd.creativecloud.adobe.com entry to the Windows hosts file and uses it to detect installations from the browser. A breakdown of the mechanism and the broader pattern of major software taking control away from the OS and the user.
A summary of how source maps bundled in the Claude Code npm package made over 510k lines of TypeScript visible, and how a branch-name command injection in OpenAI Codex could have allowed theft of GitHub tokens.
A look at Anthropic’s Claude Code Security: its technical approach, false‑positive mitigations, the GitHub Action, comparisons with competing tools, and why $15B briefly vanished from cybersecurity stocks.
Socket reports an active campaign using 19 malicious npm packages. It targets AI development environments such as Claude, Cursor, and VS Code, stealing SSH keys, npm tokens, and API keys, and then propagates via a worm.
Techniques and defenses from the MINJA, InjecMEM, and ToxicSkills campaigns that poison AI agents’ memory files, plus GPT-5.3-Codex's 72% exploit success rate on EVMbench, released by OpenAI and Paradigm. This article organizes how AI becomes both a target of attacks and a weapon for attackers.
Two arguments: a renewed look at Web Components asking ‘Do we really need React?’ and a push to ‘turn Dependabot off and switch to Go’s vulnerability checker.’ Both revisit long‑standing defaults with technical reasoning.
An intrusion campaign that auto-scanned FortiGate in 106 countries using DeepSeek and Claude; Starkiller, a reverse-proxy PhaaS that nullifies MFA; Anthropic's Claude Code Security finding 500+ vulnerabilities in production OSS; and PayPal exposing SSNs for six months due to a coding mistake.
In the same week, CISA's KEV catalog gained a Chromium CSS engine UAF, a Roundcube RCE that hid for over a decade, a BeyondTrust RCE abused by ransomware, and a Dagu RCE caused by having no authentication by default. All four require immediate patching.
This article explains how Cline’s issue‑triage bot was exploited via a three‑step chain—prompt injection, cache poisoning, and credential commingling—leading to an unauthorized package release that potentially affected about five million users.
A UAF zero-day in Chrome, critical flaws in four VS Code extensions, and a Microsoft Copilot bug that leaked confidential emails. A review of security risks lurking in developers’ everyday tools.
A CVSS 10.0 vulnerability in Dell RecoverPoint for VMs was found to have been exploited by the China-linked threat group UNC6201 for more than a year and a half.
An explanation of a new attack technique that abuses GitHub’s fork feature and commit display behavior to distribute malware via links that look like official repository URLs.