Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Linux kernel privilege escalation exploit DirtyClone (CVE-2026-43503) is publicly documented: JFrog published a working attack walkthrough Thursday showing how any local user can gain root on ...

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

When Anthropic first disclosed Mythos in April, it sent an anxious shockwave through much of the cybersecurity sector. The ...

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

A reverse shell makes the target machine initiate the connection back to the attacker, bypassing firewalls that only filter ...

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.

June 10 (Asia Today) --Artificial intelligence is reshaping the cybersecurity battlefield, South Korea's spy agency warned, saying North Korean hacking groups are moving toward autonomous attacks that ...

A claim made during the June 6 CJP protest at Delhi's Jantar Mantar has gone viral after a speaker identifying himself as an IT expert alleged that India's Electronic Voting Machines (EVMs) run on ...