Hackers exploit file upload bug in Breeze Cache WordPress plugin

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

Attacker embeds Claude Code in mass credential harvesting op

An unnamed threat actor has succesfully incorporated Anthropic's Claude Code AI coding assistant into their workflow in order ...
GovInfoSecurity

Breach Roundup: Myanmar Scam Compound Managers Charged

This week, scam compounds. Attackers exploit flaws pre-disclosure. A crackdown on DDoS-for-hire. No Mythos for CISA, yes for ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Cybercriminals are tricking AI into leaking your data, executing code, and sending you to malicious sites. Here's how.