Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Bleeping Computer

Malicious Edge extension abuses Native Messaging as bridge to malware

A malicious Microsoft Edge extension dubbed ‘Edgecution' has been used in a ransomware attack to escape the browser sandbox and deploy a Python-based backdoor. Access to the local system is obtained ...
Windows Report

Mozilla Warns Clean GitHub Repositories Can Trick Claude Code Into Running Malware

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.

Edge users beware — this malicious extension can break out of the sandbox and install ransomware

Researchers from Zscaler found a new malware campaign dubbed Edgecution.
CSO Online

Be on the lookout for Mistic, a new backdoor used by ransomware broker

The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.
SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Methodology for AP/'FRONTLINE’ investigation into how US tech is abused for global scams

The AP/“FRONTLINE” investigation was based on tens of thousands of leaked scam center files, videos and photos; an analysis with C4ADS of misuse of artificial intelligence at scam centers; an ...

As AI voices get harder to spot, ElevenLabs adopts Google’s SynthID to help you sniff the fakes

AI-generated voices are becoming nearly impossible to identify. ElevenLabs is now embedding invisible watermarks into its audio so you'll finally know when you're listening to AI.The Latest Tech News, ...
WeLiveSecurity

Award-winning news, views, and insight from the ESET security community

Your business may be small, but its attack surface is anything but. Readiness is the first step to resilience. Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances ESET ...
Computerworld

Industry

Nextcloud CEO: Open source moves from 'a nerdy audience' to the geopolitical stage Frank Karlitschek, head of the German software vendor, talked about the company’s decision to help develop the ...