Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as ...

After fighting malware for decades, this cybersecurity veteran is now hacking drones

Mikko Hyppönen is one of the most recognizable faces of the cybersecurity industry. After fighting computer viruses, worms, ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
PCMag

Hackers Are Using Claude Code Leak As Bait to Spread Malware

With Anthropic rushing to wipe out the Claude Code leak, hackers are posting malware-laden files on GitHub that they claim ...

Latest malware scam weaponizes ‘I’m not a robot’ verification tests against users, experts warn

Experts have emphasized that real CAPTCHAs will never ask users to enable browser notifications, run commands, use keyboard ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Everything you need to know about the malware stealing data from Mac users

Mac users have a new malware threat to be on the watch out for. According to a new report by Malwarebytes, Infiniti Stealer ...
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

New Infinity Stealer malware grabs macOS data via ClickFix lures

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.
Arabian Post

BlankGrabber cloaks theft with fake certificate

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...
SecurityWeek

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.