SecurityWeek

Claude Code Flaws Exposed Developer Devices to Silent Hacking

Vulnerabilities in Anthropic’s Claude Code tool could have allowed attackers to silently gain control of a developer’s ...
The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...
SecurityWeek

Hackers Weaponize Claude Code in Mexican Government Cyberattack

A threat actor has weaponized Anthropic’s Claude Code to breach the Mexican government’s systems and steal over 150GB of data ...
New York Magazine on MSN

The AI-Powered Hacking Spree Is Here

It turns out AI-coding tools are useful to criminals, too.

Inside the story of the US defense contractor who leaked hacking tools to Russia

The former boss of a U.S. hacking tools maker was jailed for selling highly sensitive software exploits to a Russian broker.
The Hacker News

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

MuddyWater’s Operation Olalampo targets MENA with GhostFetch, CHAR, HTTP_VIP, and AI-assisted malware since Jan 26, 2026.
Security Boulevard

Fake Zoom meeting “update” silently installs surveillance software

A fake Zoom meeting website is silently pushing surveillance software onto Windows machines. Visitors land on a convincing imitation of a Zoom video call. Moments later, an automatic “Update Available ...