AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

Software developers across close to 100 organisations have been targeted by a likely North Korea-linked hacking operation that used fake recruitment and code-review tasks to steal cryptocurrency, ...

2026年6月5日、MicrosoftのGitHubリポジトリ73件が、GitHubの不正利用対策システムによって無効化されました。これらのリポジトリは、開発者がAIコーディングツールでパッケージを開いた際に認証情報を盗むマルウェアに侵害されていたと ...

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...

セキュリティ研究者のRasmus Moorats氏はCreativeのサウンドシステムであるKatana V2Xの解析を通じ、攻撃者が約15m圏内からBluetooth経由で同機器に不正なファームウェアを書き込める可能性を示しました。Katana ...

Microsoftが、ChatGPT、Claude、DeepSeek、Microsoft CopilotなどのAIブランドをかたるフィッシング攻撃や、不正広告を使った誘導であるマルバタイジングが増えていると警告しています。

A group of hackers, named JINX-0164, has been contacting crypto devs via LinkedIn and inviting them to fake meetings that ...

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.

Matthew Goslett’s storied career began with IRC, dial-up Internet, and a fascination with how messages travelled between ...