Decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...

Dashlane Reveals How Attackers Copied Encrypted Vaults In May 31 Incident

After some Dashlane users were locked out of accounts and a limited number of encrypted password vaults were downloaded, the ...
InfoWorld

Hole in GitHub’s browser-based VSCode editor could lead to stolen token

Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its ...
SecurityWeek

Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk

Six Microsoft 365 Android apps contain an identical flaw that could risk billions of downloads being compromised. The ...
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

Microsoft 365 Android Apps Had a Token Flaw IT Teams Should Check Now

Microsoft patched a Microsoft 365 Android flaw that exposed account tokens across six apps. Here’s what IT teams should check ...
The Next Web

A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.
The Hacker News

Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine

The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per ...