Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Be careful what you click - hackers use Claude Code leak to push malware

If it's trendy - hackers will exploit it ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

GitHub backs down, kills Copilot pull-request ads after backlash

Following backlash from developers, GitHub has removed Copilot's ability to stick ads - what it calls "tips" - into any pull request that invokes its name.  Australian developer Zach Manson noted on ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
The Hacker News

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Claude Code 2.1.88 leak exposed 512,000 lines via npm error, fueling supply chain risks and typosquatting attacks.

Patch now! Malicious code attacks on AI tool Langflow observed

A critical security vulnerability in Langflow allows attackers to push and execute malicious code on PCs. A security patch is ...
InfoWorld

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

These security risks, Greyhound Research chief analyst Sanchit Vir Gogia said, will force enterprises to change their ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool

As DarkSword spreads, Apple tells WIRED it will enable iOS 18-specific fixes for millions of iPhone owners who remain on that ...
PCMag Australia

Hackers Are Using Claude Code Leak As Bait to Spread Malware

With Anthropic rushing to wipe out the Claude Code leak, hackers are posting malware-laden files on GitHub that they claim ...