Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs.

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

AI company says purpose of its Claude Mythos model is to bolster defenses against hacking in common applications ...

With Anthropic rushing to wipe out the Claude Code leak, hackers are posting malware-laden files on GitHub that they claim ...

On March 27 2026, security researchers Koi Security found a major flaw in Claude Code’s Google Chrome extension that enabled zero-click attacks. Dubbed ShadowPrompt, the vulnerability could have ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

A malicious GitHub repository published by idbzoomh uses the Claude Code exposure as a lure to trick people into downloading ...

Nearly 2,000 internal files were briefly leaked after ‘human error’, raising fresh security questions at the AI company ...

For those who recall the debate surrounding Microsoft Recall not long ago, Claude Code's capture of activity is similar.

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...