SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Dark Reading

Amazon Q VS Extension Flaw Leads to Cloud Credential Theft

Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...
SecurityWeek

Insurance Regulators Group NAIC Hit in Oracle PeopleSoft Hack

NAIC has confirmed it was targeted in the recent hacking campaign that exploited an Oracle PeopleSoft zero-day vulnerability.
CoinDesk

Private keys, not smart contracts, caused 40% of crypto's $16 billion hack losses. Here's whats being done.

The industry is moving toward fixing the private key vulnerability issue, just not evenly, Wish Wu, co-founder and CEO of ...