Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Researchers have uncovered a novel attack vector that exploits vulnerabilities in AI-powered code analysis tools like Claude Code. The technique, dubbed “Claude Code Attack,” allows threat actors to hijack developer machines by hiding malicious instructions within normal-looking repositories. The attack relies on an error thrown during installation and manipulates the AI agent into spawning a … Read more

New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking

A Critical Vulnerability Affects Highway Signs and Billboards, Exposing Them to Remote Hacking Attacks Highway signs and billboards around the world are potentially vulnerable to hacking attacks due to critical vulnerabilities in some Daktronics controllers. The cybersecurity researcher who discovered these flaws has warned that hackers could exploit them to tamper with what is displayed … Read more

Quantifind Raises $200 Million for AI-Native Risk Intelligence

A $200 Million Boost for AI-Powered Financial Crime Detection Quantifind, a California-based company specializing in artificial intelligence (AI)-native risk intelligence, has secured a whopping $200 million in growth funding. This latest investment brings the company’s total raised to nearly $320 million, solidifying its position as a leader in the burgeoning field of AI-powered financial crime … Read more

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

A critical vulnerability in Oracle E-Business Suite, identified as CVE-2026-46817, is being actively exploited in the wild, putting thousands of businesses at risk. This flaw allows attackers to execute arbitrary code on affected systems, potentially leading to data theft, financial loss, and reputational damage. The issue lies in a weakness in the way Oracle E-Business … Read more

New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking

Highway Signs and Billboards Exposed to Remote Hacking due to Critical Flaws in Daktronics Controllers A critical vulnerability has been discovered in some controllers used by the US-based company Daktronics, potentially allowing hackers to tamper with highway signs and billboards worldwide. The flaws were identified by cybersecurity researcher Thomas Jou, an undergraduate at Princeton University, … Read more

Quantifind Raises $200 Million for AI-Native Risk Intelligence

Quantifind Secures $200 Million to Fuel Global Expansion of AI-Powered Risk Intelligence Platform In a significant development for the cybersecurity industry, Quantifind has announced that it has raised $200 million in a growth funding round, bringing its total funding to nearly $320 million. The investment will enable the company to accelerate its international expansion into … Read more

Amazon Q VS Extension Flaw Leads to Cloud Credential Theft

Cloud Credential Theft Exploit Highlights Growing Risk in AI Infrastructure A high-severity security vulnerability in Amazon Web Services’ (AWS) developer extension for Visual Studio Code has been fixed, but not before researchers demonstrated how attackers could execute arbitrary code and steal cloud credentials by exploiting a weakness in Model Context Protocol (MCP) servers. This flaw … Read more

Iran, Russia, China Target Water Systems for Sabotage

**Nation-State Attackers Target Water Systems for Sabotage** A disturbing trend has emerged in the world of cybersecurity, as nation-state attackers have been breaching water systems in the United States and abroad, exploiting weak passwords, exposed programmable logic controllers (PLCs), and poor segmentation. The threat actors behind these attacks are not sophisticated malware creators, but rather … Read more

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

A newly disclosed vulnerability, tracked as CVE-2026-46817, is actively being exploited in the wild against Oracle’s E-Business Suite, putting thousands of businesses at risk. The flaw, which resides in a critical component of the suite, has been detected by security researchers who warn that attackers can use it to execute arbitrary code on affected systems. … Read more