Anthropic accused three Chinese AI companies of distilling Claude, and on the same day OpenAI retired SWE-bench Verified. Training fraud and evaluation flaws exposed simultaneously on February 23, 2026.
A look at Anthropic’s Claude Code Security: its technical approach, false‑positive mitigations, the GitHub Action, comparisons with competing tools, and why $15B briefly vanished from cybersecurity stocks.
Socket reports an active campaign using 19 malicious npm packages. It targets AI development environments such as Claude, Cursor, and VS Code, stealing SSH keys, npm tokens, and API keys, and then propagates via a worm.
Techniques and defenses from the MINJA, InjecMEM, and ToxicSkills campaigns that poison AI agents’ memory files, and the fact that GPT-5.3-Codex achieved a 72% exploit success rate on EVMbench released by OpenAI and Paradigm. This article organizes how AI becomes both a target of attacks and a weapon for attackers.
Two arguments: a renewed look at Web Components asking ‘Do we really need React?’ and a push to ‘turn Dependabot off and switch to Go’s vulnerability checker.’ Both revisit long‑standing defaults with technical reasoning.
An intrusion campaign that auto-scanned FortiGate in 106 countries using DeepSeek and Claude; Starkiller, a reverse-proxy PhaaS that nullifies MFA; Anthropic's Claude Code Security finding 500+ vulnerabilities in production OSS; and PayPal exposing SSNs for six months due to a coding mistake.
In the same week, CISA's KEV catalog gained a Chromium CSS engine UAF, a Roundcube RCE that hid for over a decade, a BeyondTrust RCE abused by ransomware, and a Dagu RCE due to no default authentication. All four require immediate patching.
A week that shook trust in both people and software: three former Google engineers were indicted over alleged transfers of sensitive information to Iran, while NetEase's MuMu Player was found running 17 reconnaissance commands on macOS every 30 minutes.
This article explains how Cline’s issue‑triage bot was exploited via a three‑step chain—prompt injection, cache poisoning, and credential commingling—leading to an unauthorized package release that potentially affected about five million users.
A UAF zero-day in Chrome, critical flaws in four VS Code extensions, and a Microsoft Copilot bug that leaked confidential emails. A review of security risks lurking in developers’ everyday tools.
In its February 2026 KEV catalog update, CISA added four vulnerabilities, including a Google Chrome use-after-free flaw (CVE-2026-2441). One of them dates back 17 years.
A CVSS 10.0 vulnerability in Dell RecoverPoint for VMs was found to have been exploited by the China-linked threat group UNC6201 for more than a year and a half.
