#internet-bug-bounty
#internet-bug-bounty

fromwww.bbc.com

11 hours ago

Ex-Meta worker investigated for downloading 30,000 private Facebook photos

A former Meta employee is under investigation for downloading 30,000 private Facebook images using a program to bypass security checks.

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

fromwww.bbc.com

11 hours ago

Ex-Meta worker investigated for downloading 30,000 private Facebook photos

A former Meta employee is under investigation for downloading 30,000 private Facebook images using a program to bypass security checks.

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

Healthcare

Signature Healthcare in Brockton hit by cybersecurity incident

Node JS

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

20 hours ago

Information security

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

7 hours ago

Information security

Iranian hackers are targeting American critical infrastructure, U.S. agencies warn | TechCrunch

fromNextgov.com

Pro-Iran hackers are targeting US industrial control systems, advisory says

Iran-aligned hackers have disrupted U.S. critical infrastructure by targeting Rockwell Automation's control systems, causing operational disruptions and financial losses.

One maintainer, one compromised laptop: How North Korean hackers hijacked the Axios open source project - Silicon Canals

North Korean hackers compromised the Axios HTTP library by socially engineering its maintainer, publishing malicious versions that exposed sensitive data.

Healthcare

fromBoston.com

14 hours ago

Signature Healthcare in Brockton hit by cybersecurity incident

Signature Healthcare is managing a cybersecurity incident, affecting some services while maintaining inpatient and emergency care.

Node JS

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

36 malicious npm packages disguised as Strapi CMS plugins facilitate exploitation and credential harvesting.

20 hours ago

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

A China-based threat actor is using zero-day vulnerabilities to execute high-velocity attacks, particularly targeting healthcare and finance sectors.

7 hours ago

Iranian hackers are targeting American critical infrastructure, U.S. agencies warn | TechCrunch

Iran-backed hackers are targeting U.S. critical infrastructure, aiming to cause disruption and financial loss.

fromNextgov.com

Pro-Iran hackers are targeting US industrial control systems, advisory says

Iran-aligned hackers have disrupted U.S. critical infrastructure by targeting Rockwell Automation's control systems, causing operational disruptions and financial losses.

One maintainer, one compromised laptop: How North Korean hackers hijacked the Axios open source project - Silicon Canals

North Korean hackers compromised the Axios HTTP library by socially engineering its maintainer, publishing malicious versions that exposed sensitive data.

Software development

Internet Bug Bounty program hits pause on payouts

Python

The State of Trusted Open Source Report

AI is reshaping software development and security, influencing container image usage and vulnerability management.

A single maintainer, a fake company, and a three-hour window: inside the Axios supply chain hijack - Silicon Canals

A single maintainer's vulnerability led to a significant security breach in a widely used JavaScript library, exposing thousands of systems to potential credential theft.

Software development

Internet Bug Bounty program hits pause on payouts

Python

The State of Trusted Open Source Report

AI is reshaping software development and security, influencing container image usage and vulnerability management.

A single maintainer, a fake company, and a three-hour window: inside the Axios supply chain hijack - Silicon Canals

A single maintainer's vulnerability led to a significant security breach in a widely used JavaScript library, exposing thousands of systems to potential credential theft.

Why Most DevSecOps Pipelines Fail at Runtime Security (not Build Time) - DevOps.com

Runtime risk arises from configuration and infrastructure changes post-deployment, necessitating DevSecOps to enhance security earlier in the delivery process.

UX design

fromMedium

18 hours ago

Careful, liable UX is a thing now

Design decisions that manipulate users are being recognized as deceptive practices with significant real-life consequences.

Privacy technologies

fromTech Times

LinkedIn 'BrowserGate' Investigation Alleges Secret Browser Extension Scanning Within Platform

LinkedIn allegedly collects extensive user data through a hidden system called 'Spectroscopy' without explicit user consent.

US politics

CBP facility codes sure seem to have leaked via online flashcards

Immigration offenses and internal systems of CBP are detailed in flashcards, highlighting procedures and responsibilities of agents.

#north-korea

Remote teams

Watch this video of how a job interviewer exposes a North Korean fake IT worker | TechCrunch

North Korean Hackers Target High-Profile Node.js Maintainers

North Korean hackers are targeting Node.js maintainers using social engineering tactics similar to those used in previous campaigns.

fromwww.cybersecuritydive.com

Axios open-source library targeted in sophisticated supply chain attack

A North Korean threat actor compromised the axios library, introducing a malicious dependency that deploys a backdoor across multiple operating systems.

Remote teams

Watch this video of how a job interviewer exposes a North Korean fake IT worker | TechCrunch

North Korean Hackers Target High-Profile Node.js Maintainers

North Korean hackers are targeting Node.js maintainers using social engineering tactics similar to those used in previous campaigns.

fromwww.cybersecuritydive.com

Axios open-source library targeted in sophisticated supply chain attack

A North Korean threat actor compromised the axios library, introducing a malicious dependency that deploys a backdoor across multiple operating systems.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

21 hours ago

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

A critical security flaw in Flowise allows remote code execution, posing severe risks to business continuity and customer data.

12 hours ago

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

21 hours ago

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

A critical security flaw in Flowise allows remote code execution, posing severe risks to business continuity and customer data.

Why SAST is growing in importance in the age of AI-generated source code

Vibe coding is rapidly increasing, but trust in AI-generated code remains low, making SAST tools essential for security and error prevention.

Node JS

Guardarian Users Targeted With Malicious Strapi NPM Packages

A supply chain attack targeting the Strapi ecosystem involved 36 malicious NPM packages delivering various harmful payloads.

#fbi

fromSecuritymagazine

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

FBI confirms major breach of surveillance system, exposing sensitive data and potentially revealing criminal probes and surveillance targets.

FBI Declares Surveillance System Breach a 'Major Incident'

A China-linked breach of an FBI surveillance system has been classified as a major incident, posing significant risks to US national security.

fromSecuritymagazine

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

FBI confirms major breach of surveillance system, exposing sensitive data and potentially revealing criminal probes and surveillance targets.

FBI Declares Surveillance System Breach a 'Major Incident'

A China-linked breach of an FBI surveillance system has been classified as a major incident, posing significant risks to US national security.

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

DevOps

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

Anthropic Mythos model can find and exploit 0-days

AI model Mythos can generate zero-day vulnerabilities, surpassing human capabilities, but Anthropic chose not to release it to prevent widespread exploitation.

fromFortune

Anthropic is giving some firms access to Claude Mythos to bolster cybersecurity defenses | Fortune

Anthropic is providing access to its advanced AI model, Claude Mythos, to enhance cybersecurity defenses among major tech firms.

Information security

Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything

3 hours ago

Anthropic Mythos model can find and exploit 0-days

AI model Mythos can generate zero-day vulnerabilities, surpassing human capabilities, but Anthropic chose not to release it to prevent widespread exploitation.

fromFortune

Anthropic is giving some firms access to Claude Mythos to bolster cybersecurity defenses | Fortune

Anthropic is providing access to its advanced AI model, Claude Mythos, to enhance cybersecurity defenses among major tech firms.

Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything

Anthropic announced Mythos Preview and Project Glasswing to address cybersecurity challenges posed by advanced AI models.

Software development

Claude Code's innards revealed as source code leaked online

Claude Code is still vulnerable to an attack Anthropic has already fixed

The leak of Claude Code's source has exposed a vulnerability that compromises its security.

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Anthropic's Claude Code source code was leaked, revealing operational details but not compromising sensitive data like model weights or customer information.

Software development

Claude Code's innards revealed as source code leaked online

Claude Code is still vulnerable to an attack Anthropic has already fixed

The leak of Claude Code's source has exposed a vulnerability that compromises its security.

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Anthropic's Claude Code source code was leaked, revealing operational details but not compromising sensitive data like model weights or customer information.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

14 hours ago

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

A campaign targets ComfyUI instances for cryptocurrency mining and botnet enlistment through remote code execution exploits.

#data-breach

HackerOne hit by data breach via third-party partner

HackerOne confirmed a data breach at Navia, affecting 287 employees' personal data, including sensitive information like Social Security numbers.

HackerOne slams supplier over delayed breach notice

HackerOne employees were affected by a data breach linked to a third-party benefits provider, Navia Benefit Solutions, due to a security flaw.

HackerOne hit by data breach via third-party partner

HackerOne confirmed a data breach at Navia, affecting 287 employees' personal data, including sensitive information like Social Security numbers.

HackerOne slams supplier over delayed breach notice

HackerOne employees were affected by a data breach linked to a third-party benefits provider, Navia Benefit Solutions, due to a security flaw.

Information security

Attackers exploited the FortiClient EMS bug as a 0-day

New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

A critical FortiClient EMS vulnerability allows unauthenticated attackers to bypass protections and execute unauthorized commands on systems.

Information security

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

Information security

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Information security

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Attackers exploited the FortiClient EMS bug as a 0-day

Fortinet released an emergency patch for a critical vulnerability in FortiClient EMS, which is being actively exploited.

New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

A critical FortiClient EMS vulnerability allows unauthenticated attackers to bypass protections and execute unauthorized commands on systems.

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

Fortinet released emergency hotfixes for a critical vulnerability in FortiClient EMS that allows remote code execution without authentication.

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet released patches for a critical vulnerability in FortiClient EMS, allowing unauthenticated attackers to execute unauthorized commands.

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

7 hours ago

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

Anthropic withholds Mythos Preview model because it's hacking is too powerful

Mythos Preview can autonomously find and exploit vulnerabilities at an unprecedented level, surpassing previous models significantly.

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

fromnews.bitcoin.com

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

Meta Pauses Work With Mercor After LiteLLM-Linked Data Breach - TechRepublic

Meta has paused work with Mercor due to a security breach linked to the LiteLLM supply chain attack.

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.

fromAxios

9 hours ago

Anthropic withholds Mythos Preview model because it's hacking is too powerful

Mythos Preview can autonomously find and exploit vulnerabilities at an unprecedented level, surpassing previous models significantly.

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

fromnews.bitcoin.com

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

Meta Pauses Work With Mercor After LiteLLM-Linked Data Breach - TechRepublic

Meta has paused work with Mercor due to a security breach linked to the LiteLLM supply chain attack.

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.

GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data

A vulnerability in Grafana's AI components allows attackers to leak enterprise information by bypassing security measures.

16 hours ago

GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack

A new Rowhammer attack, GPUBreach, allows privilege escalation and memory corruption in GPUs, posing significant threats to cloud environments.

New vulnerabilities affect printing software on Linux and Unix

Two new vulnerabilities in CUPS allow remote code execution and full system control without login credentials.

AI agents found vulns in this Linux and Unix print server

Two vulnerabilities in CUPS allow unauthenticated remote code execution and root file overwrite, posing significant security risks in networked environments.

16 hours ago

New vulnerabilities affect printing software on Linux and Unix

Two new vulnerabilities in CUPS allow remote code execution and full system control without login credentials.

AI agents found vulns in this Linux and Unix print server

Two vulnerabilities in CUPS allow unauthenticated remote code execution and root file overwrite, posing significant security risks in networked environments.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

13 hours ago

Severe StrongBox Vulnerability Patched in Android

The latest Android security updates address two vulnerabilities: a critical DoS issue and a high-severity flaw in StrongBox.

fromDevOps.com

Is Your AI Agent Secure? The DevOps Case for Adversarial QA Testing - DevOps.com

The most dangerous assumption in quality engineering right now is that you can validate an autonomous testing agent the same way you validated a deterministic application. When your systems can reason, adapt, and make decisions on their own, that linear validation model collapses.

Information security

16 hours ago

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.

fromDevOps.com

GitHub Adds 37 New Secret Detectors in March, Extends Scanning to AI Coding Agents - DevOps.com

GitHub expanded secret scanning with 37 new detectors, enhanced push protection, and introduced scanning for AI coding agents in March.

Apple Rolls Out Fix: New macOS Update Could Protect 100M Mac Users

Apple's macOS update introduces a warning system to prevent users from executing potentially harmful commands in Terminal.

3 days ago

Axios npm hack used fake Teams error fix to hijack maintainer account

A social engineering attack linked to North Korean hackers compromised Axios maintainers, leading to a supply chain attack with malicious npm package versions.

fromInfoQ

Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response

A malicious release of the Trivy vulnerability scanner exposed critical weaknesses in software supply chain security, allowing for potential credential theft.

Critical ShareFile Flaws Lead to Unauthenticated RCE

Two critical vulnerabilities in ShareFile could allow unauthenticated remote code execution through improper access to configuration pages.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation exploits the React2Shell vulnerability to steal sensitive data from compromised hosts across multiple regions.

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Google's Chrome 146 update addresses 21 vulnerabilities, including a zero-day exploit tracked as CVE-2026-5281.

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Google's Chrome 146 update addresses 21 vulnerabilities, including a zero-day exploit tracked as CVE-2026-5281.

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

New RoadK1ll WebSocket implant used to pivot on breached networks

RoadK1ll is a Node.js implant that enables attackers to pivot from a compromised host to other internal systems undetected.

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

New RoadK1ll WebSocket implant used to pivot on breached networks

RoadK1ll is a Node.js implant that enables attackers to pivot from a compromised host to other internal systems undetected.

Jamf warns of massive app insecurities

Mac and iOS users face significant security threats, with many devices vulnerable to attacks and outdated systems.

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.

more#cisco

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation - Patch Released

"Use-after-free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page."

Information security

OpenAI Launches Bug Bounty Program for Abuse and Safety Risks

OpenAI launched a public safety bug bounty program targeting AI-specific abuse and safety risks in its products.

Hundreds of millions of iPhones can be hacked with a new tool found in the wild

DarkSword, a sophisticated iPhone hacking technique discovered in use by Russian hackers, can silently compromise hundreds of millions of iOS devices running older operating system versions through infected websites.

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A sophisticated iPhone hacking technique called DarkSword enables attackers to silently compromise iOS devices through infected websites, affecting hundreds of millions of users running older iOS versions.

Hundreds of millions of iPhones can be hacked with a new tool found in the wild

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

Teams must reduce unnecessary internet-facing exposure to minimize vulnerability exploitation risk, as time-to-exploit windows are shrinking to hours or minutes.

2 months ago

Vulnerability exploits now dominate intrusions

Exploit of disclosed vulnerabilities now causes most intrusions, with attackers weaponizing new flaws within hours while many organizations patch slowly.

#beyondtrust

Information security

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Information security

BeyondTrust Remote Support has a critical vulnerability

Information security

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Information security

BeyondTrust Remote Support has a critical vulnerability

more#beyondtrust