Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Bleeping Computer

New Gogs zero-day flaw lets hackers get remote code execution

An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. Designed as an alternative to GitHub ...
IEEE

PRIDA-ME: A Privacy-Preserving, Interoperable and Decentralized Authentication Scheme for Metaverse Environment

Abstract: The metaverse is a new virtual world that has the potential to significantly impact our interactions with digital content and with each other. It is a shared virtual environment where users ...
cybernews

Critical PAN-OS zero-day vulnerability exploited in the wild, with no patches available

Palo Alto Networks warns that its widely deployed firewalls are under attack with hackers exploiting a critical zero-day vulnerability. Unauthenticated attackers can achieve remote code execution with ...
The Hacker News

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) ...
IEEE

Online Banking User Authentication Methods: A Systematic Literature Review

Abstract: Online banking has become increasingly popular in recent years, making it a target for cyberattacks. Banks have implemented various user authentication methods to protect their customers’ ...