Untrusted repositories turn Claude code into an attack vector
Untrusted repositories turn Claude code into an attack vector Pierluigi Paganini February 25, 2026 Flaws in Anthropic’s Claude Code could allow remote code execution and…
Latest Cybersecurity News — Page 224
View all →
Fake Next.js job interview tests backdoor developer’s devices
A coordinated campaign targeting software developers with job-themed lures is using malicious repositories posing as legitimate Next.js projects and technical assessment materials, including recruiting coding tests.…
Critical Zyxel router flaw exposed devices to remote attacks
Critical Zyxel router flaw exposed devices to remote attacks Pierluigi Paganini February 25, 2026 Zyxel fixed a critical flaw in multiple routers that lets unauthenticated…
Google disrupts hackers that attacked 53 organisations globally
Google disrupted a Chinese-linked hacking group that breached at least 53 organisations across 42 countries, the company said Wednesday. The hacking group, tracked as UNC2814…
Hackers Can Abuse Cortex XDR Live Terminal Feature for C2 Communications
A newly disclosed research finding has revealed that Palo Alto Networks’ Cortex XDR Live Terminal feature can be turned into a command-and-control (C2) channel by…
Why Intelligent Contract Solutions Are Replacing Traditional CLM Systems
For a long time, contract lifecycle management software was the default answer to the question of how organizations should manage their agreements. Contract Lifecycle Management…
Australia’s big end of town is paying ransomware groups
At least 75 Australian businesses with a turnover of more than $3 million have admitted paying off ransomware groups in the first eight months of…
Threat Actors Using Fake Avast Website to Harvest Users Credit Card Details
Cybercriminals are frequently refining their techniques to exploit consumer trust, and a highly sophisticated phishing campaign has recently surfaced that impersonates the cybersecurity firm Avast.…
US Sanctions Russian Exploit Broker Over Stolen US Cyber Tools
The United States government has launched a crackdown on a global network accused of stealing and selling sensitive cyber tools used for national security. In…
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
Ravie LakshmananFeb 25, 2026Cyber Espionage / Network Security Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected…
SURXRAT Android RAT Attacking Users Gain Complete Device-Control and Data Exfiltration
The mobile threat landscape is witnessing a significant shift toward professionalized cybercriminal operations, driven by the increasing availability of sophisticated malicious tools. A new and…
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
Ravie LakshmananFeb 25, 2026Artificial Intelligence / Vulnerability Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic’s Claude Code, an artificial intelligence (AI)-powered coding assistant, that…