Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...

‘Hack Yourself’ Apple Attack Steals Mac Passwords

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

A popular coding tool was hijacked to deliver malware.

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...

Claude Code leak exposes a Tamagotchi-style ‘pet’ and an always-on agent

Arun Chandrasekaran, an AI analyst at Gartner, tells The Verge that while the Claude Code leak poses “risks such as providing ...

Cracking Denuvo games in Windows just got easier—and insanely dangerous

New hypervisor methods for cracking the despised Denuvo DRM are risky, even by the lower standards of game piracy.

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

Anthropic leaked its own Claude Code source code by mistake

Over 500,000 lines of Claude Code source code leaked via a bad npm package—and now several unannounced features are now ...