If you have a Fortinet firewall, it's time to stop and change your passwords. Intruders somehow gained access to around 75,000 Fortinet firewall devices and stole credentials belonging to major corporations across 194 countries, in some cases leading to full network compromise.
The “jailbreak” that prompted the Trump administration to block Anthropic’s most advanced models was a three-word prompt: “Fix this code.” That's according to Luta Security CEO @k8em0.bsky.social - the only outside expert to read the research paper on the guardrail bypass that prompted the ban.
Data theft and extortion group ShinyHunters exploited a critical Oracle PeopleSoft bug as a zero-day to compromise more than 100 organizations, including the University of Nottingham, across 300 vulnerable instances, beginning in May.
An npm-slop package “mouse5212-super-formatter” targeting Claude users and acting as a stealer reached 676 downloads before being removed from the registry - and after making a major vibe coding blunder.
"A national agency having 844 MB of production infrastructure material in a public GitHub repository for six months is as serious as a secrets leak gets," GitGuardian researcher Guillaume Valadon told me.
Thank you @jessicalyons.bsky.social & @theregister.com for letting me call ShinyHunters scumbags 😂
“At first, yes, this means more patches and thus more work for admins,” @dustinchilds.bsky.social told me. “The goal over time would be to eliminate as many as possible, and, over time, that monthly number goes down.”
Why are you even reading this?! Rotate your passwords!!
Nightmare Eclipse, the prolific bug hunter and possibly disgruntled ex-Microsoft employee, released another 0-day - this one is No. 7 - just hours after Microsoft's Patch Tuesday security updates. www.theregister.com/security/202...
"I'm concerned about what they are leaving behind: What type of C2 on a sleep cycle is still lingering in these environments?" TrendAI VP Tom Kellermann told me in an exclusive interview about the never-before-seen campaign.
