ActiveState, a global leader in open source language solutions and secure software supply chain management, today announced it has grown its catalog of secure open source components to 79 million, ...
The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.
Moonwell’s $1.78 million oracle mispricing exploit is reigniting debate over “vibe-coded” smart contracts and how AI tools ...
ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this ...
Cryptopolitan on MSN
Claude Opus 4.6 blamed after $1.78M exploit hits Moonwell
DeFi lending protocol Moonwell lost $1.78 million after AI code from Claude Opus 4.6 led to an oracle configuration error.
While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access.
Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...
The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Memphis Light, Gas, and Water identified the cause of the water main break on Sunday, as work downtown continues through the weekend. According to MLGW, a "vintage pipe from the early 1900s" was the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results