Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...

Anthropic’s Claude found 22 vulnerabilities in Firefox in two weeks

The test also showed that Claude is significantly better at finding security flaws than at writing code to exploit them. Despite spending around $4,000 in API credits, the team on ...

Claude Opus 4.6 Discovers 22 Firefox Vulnerabilities in Just Two Weeks

Claude AI discovered 22 Firefox vulnerabilities in two weeks, including 14 high severity flaws, showing how AI speeds up security research.
Computer Weekly

Salesforce tracks possible ShinyHunters campaign targeting its users

Salesforce has warned users of an uptick in threat actor activity targeting Experience Cloud customers’ who have accidentally enabling overly permissive guest user configurations. Salesforce stressed ...
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...