SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Vitalik Buterin says obfuscation could unlock private onchain crypto voting

Vitalik Buterin outlined how advanced cryptography could enable private onchain voting without trusted committees, though the ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

OpenAI's new GPT-5.5-Cyber tops Claude Mythos 5 in vulnerability benchmark0 0

OpenAI is rolling out the full, limited-release version of GPT-5.5-Cyber—a specialized AI model that outperforms its ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Python dev saved from disaster by intuition... and AI

Python developer Roman Imankulov nearly took the bait. The fact that he didn't can be chalked up to human intuition and AI ...
GitHub

yam-1111/cttc-hellofriend_mov

Python simulation of the fictional E Corp cs30 security incident. The system models an Advanced Persistent Threat (APT) using volumetric network floods to obfuscate a local stealth rootkit deployment, ...
GitHub

discord-cloner

Advanced Discord Server Cloner built with TypeScript and Seyfert, featuring full guild replication — roles, channels, emojis, and configurations. Includes rate-limit handling, proxy support, and ...