ActiveState, a global leader in open source language solutions and secure software supply chain management, today announced it has grown its catalog of secure open source components to 79 million, ...
The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.
Moonwell’s $1.78 million oracle mispricing exploit is reigniting debate over “vibe-coded” smart contracts and how AI tools ...
Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days later, they shipped Claude Code Security. Here's what reasoning-based ...
Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.
Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a ...
Cryptopolitan on MSN
Claude Opus 4.6 blamed after $1.78M exploit hits Moonwell
DeFi lending protocol Moonwell lost $1.78 million after AI code from Claude Opus 4.6 led to an oracle configuration error.
ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.
While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access.
Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results