Claude Code is scanning your messages for curse words

Among the wildest revelations in Claude Code's recent leak is that the AI coding tool is scouring user inputs for signs of ...

New EvilTokens service fuels Microsoft device code phishing attacks

A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime

Threat actors are exploiting vacant homes as "drop addresses" to intercept mail and enable fraud. Flare shows how postal services and fake identities are abused to turn mail into a fraud vector.
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
The Hacker News

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More

Active exploits, nation-state campaigns, fresh arrests, and critical CVEs — this week's cybersecurity recap has it all.