SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
cryptopolitan

Microsoft, Google patch flaws as Cordyceps spread across open-source repositories

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...
winbuzzer.com

OpenAI Says GPT-5.5-Cyber Leads Claude Mythos, Expands Daybreak-Initiative

OpenAI is now turning its Daybreak initiative into a defensive cybersecurity program that combines Codex updates, the GPT-5.5-Cyber release and partner access for approved organizations. As OpenAI ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
cybersecurityintelligence.com

Five Steps To Resist AI-Powered Cyber Threats

The UK Information Commissioner’s Office (ICO) has warned that cyber criminals are increasingly using artificial intelligence to execute attacks that are faster, more complex and harder to detect.
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
Computer Weekly

UK government to spend £210m on public sector cyber resilience

The UK government has unveiled a £210m Cyber Action Plan to reinforce IT security resilience across the nation’s public services, with a new central Cyber Unit to be established to coordinate risk ...
Inc

Anthropic’s Powerful New Cybersecurity Tool Is Designed to Find Vulnerabilities in Your Code—and Patch Them

The AI giant announced on Thursday that Claude Security is in public beta for Claude Enterprise customers across the world to use to defensively scan their own code for vulnerabilities; it can also ...
Nextgov

Pentagon launches cyber apprenticeship program

The initiative is part of the administration’s focus on addressing technology and cybersecurity vacancies by placing an emphasis on skill-based hiring. The Department of Defense is launching a Cyber ...
Infosecurity-magazine.com

NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience

The UK’s National Cyber Security Centre (NCSC) has shared details of an ongoing coordinated plan to improve cyber resilience in the National Health Service (NHS). Over the past 18 months, government ...
Wired

In the Wake of Anthropic’s Mythos, OpenAI Has a New Cybersecurity Model—and Strategy

OpenAI on Tuesday announced the next phase of its cybersecurity strategy and a new model specifically designed for use by digital defenders, GPT-5.4-Cyber. The news comes in the wake of an ...