SecurityWeek

Anthropic Silently Patches Claude Code Sandbox Bypass

Anthropic has silently patched a vulnerability that would have allowed an attacker to bypass the Claude Code network sandbox.
Bleeping Computer

New phishing attack steals your Instagram backup codes to bypass 2FA

A new phishing campaign pretending to be a 'copyright infringement' email attempts to steal the backup codes of Instagram users, allowing hackers to bypass the two-factor authentication configured on ...
Bleeping Computer

Critical auth bypass bug in CrushFTP now exploited in attacks

Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. The security ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM tools never tracked.
VentureBeat

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Every enterprise running AI coding agents has just lost a layer of defense. On March 31, Anthropic accidentally shipped a 59.8 MB source map file inside version 2.1. ...
Dark Reading

Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security

Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of which the company identified as being of ...
Forbes

Microsoft Triple Warning — 3 Windows Security Bypass Threats Confirmed

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Microsoft has confirmed three Windows security bypass zero-days. They say that good things ...