Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Kaspersky says 90+ spoofed domains use malicious installers and SEO to deliver AsyncRAT to Windows systems through ScreenConnect.
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
Agentic coding tools vulnerable to command execution via DNS records ...
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub ...
Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs ...
Mozilla 0DIN’s Claude Code demo shows how clean GitHub repos can expose AI coding agents to prompt injection, reverse shells, ...
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
HP, Dell, ASUS, Lenovo, MSI and Acer have published Secure Boot certificate guides. Here's what each PC manufacturer says you ...
Microsoft's Linux server distribution is now available as an ISO to install on your own server or virtual machine.
Windows 11 provides a rich GUI, but it also supports various command line interfaces (CLIs) through a modern Terminal app.
A new Mac infostealer dubbed PamStealer impersonates the open-source Maccy clipboard manager to steal passwords and more.