An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.

Researchers from Zscaler found a new malware campaign dubbed Edgecution.

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...

The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.

You know that little moment when your phone rings and the name on the screen makes you drop everything? Maybe it says your spouse, your daughter, your boss or your best friend. You answer because you ...

As people increasingly refuse to answer calls from unknown numbers, scammers are shifting their tactics by spoofing trusted phone numbers and using AI deepfake technology to sound like authority ...

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.

Phone by Google wants to combat the “growing threat of impersonation scams” and protect Android users against “sophisticated, AI-powered deepfake attacks” with fake call detection. June Android Drop: ...