Malware campaign lures users with fake Windows Update website

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...
The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...
Business Insider

A 4 a.m. scramble turned Anthropic's leak into a 'workflow revelation'

Coders have had a field day weeding through the treasures in the Claude Code leak. "It has turned into a massive sharing party," said Sigrid Jin, who created the Python edition, Claw Code. Here's how ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
Business Insider

Anthropic accidentally exposed part of Claude Code's internal source code

Anthropic accidentally leaked some source code for Claude Code, its AI-powered coding assistant. The company said the leak did not include sensitive customer data or credentials. Anthropic recently ...
TechRadar

Anthropic confirms it leaked 512,000 lines of Claude Code source code — spilling some of its biggest secrets

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Anthropic employee accidentally leaked Claude Code source via npm map file Leak exposed 1,900 ...
CNBC

Anthropic leaks part of Claude Code's internal source code

Anthropic accidentally leaked part of the internal source code for its coding assistant Claude Code, according to a spokesperson. The leak could help give software developers, and Anthropic's ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Here’s what that Claude Code source leak reveals about Anthropic’s plans

Yesterday’s surprise leak of the source code for Anthropic’s Claude Code revealed a lot about the vibe-coding scaffolding the company has built around its proprietary Claude model. But observers ...
Gizmodo

Source Code for Anthropic’s Claude Code Leaks at the Exact Wrong Time

Anthropic just cannot keep a lid on its business. After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and blog posts in a publicly ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.