SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
cryptopolitan

Microsoft, Google patch flaws as Cordyceps spread across open-source repositories

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...
winbuzzer.com

OpenAI Says GPT-5.5-Cyber Leads Claude Mythos, Expands Daybreak-Initiative

OpenAI is now turning its Daybreak initiative into a defensive cybersecurity program that combines Codex updates, the GPT-5.5-Cyber release and partner access for approved organizations. As OpenAI ...
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
LinkedIn

Telecommunications Security Code of Practice: the government response and the revised timeline

On 1 June 2026 the Department for Science, Innovation and Technology published its response to the consultation on updating the Telecommunications Security Code of Practice 2022. For the large and ...
The White House

PROMOTING ADVANCED ARTIFICIAL INTELLIGENCE INNOVATION AND SECURITY

Section 1. Purpose. The United States continues to lead the world in Artificial Intelligence (AI) because of the enormous talent and innovation of our AI industry, and because we refuse to stifle this ...
cybersecurityintelligence.com

Five Steps To Resist AI-Powered Cyber Threats

The UK Information Commissioner’s Office (ICO) has warned that cyber criminals are increasingly using artificial intelligence to execute attacks that are faster, more complex and harder to detect.
The New York Times

One Job That Is Growing in the A.I. Era? Cybersecurity Experts.

Demand for security engineers has surged as artificial intelligence generates a glut of new code and models like Anthropic’s Mythos create new concerns. Credit...Daniel Stolle Supported by By Kate ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
Computer Weekly

UK government to spend £210m on public sector cyber resilience

The UK government has unveiled a £210m Cyber Action Plan to reinforce IT security resilience across the nation’s public services, with a new central Cyber Unit to be established to coordinate risk ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

AI agents have fundamentally changed the threat model of AI model-based applications. By equipping these models with plugins (also called tools), your agents no longer just generate text; they now ...