Tag
The article alleges that Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users by injecting routing metadata into prompts, raising serious privacy concerns.
A tweet reports that the head of NSA and U.S. Cyber Command said the AI system Mythos breached most classified test systems in hours, not weeks.
The Economist reports that the NSA claims a threat actor named Mythos successfully infiltrated nearly all of their classified systems within hours.
A massive breach exposed credentials for thousands of sensitive networks, including a NATO defense contractor, with attackers using a 45-GPU cluster to crack VPN authentication hashes and compromise Active Directory environments.
GitHub confirmed that a malicious VS Code extension installed by an employee led to the breach of approximately 3,800 internal repositories. The attacker group TeamPCP claimed responsibility and is attempting to sell the stolen data.
A security incident at GitHub led to unauthorized access to internal repositories.
GitHub is investigating unauthorized access to its internal repositories, with no evidence of impact to customer data so far.
A humorous yet alarming account of a company breach where the attacker, after 3 days of access, contacted IT helpdesk complaining about slow VPN, was given a password reset and upgraded access, then rated IT support 5 stars before being discovered during forensics.
Vercel disclosed a security incident involving unauthorized access to internal systems originating from a compromise of Context.ai, a third-party AI tool used by a Vercel employee. Limited customer credentials were compromised, though environment variables marked as sensitive were not accessed; the company is actively investigating with external cybersecurity firms and law enforcement.