Device code phishing attacks surge 37x as new kits spread online

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year.
Morning Overview on MSN

Two security incidents rattle AI firms after an Anthropic leak tied to human error

Anthropic’s Claude Code tool accidentally exposed roughly 512,000 lines of proprietary TypeScript through a packaging mistake ...
CSO Online

Security lapse lets researchers see React2Shell hackers’ dashboard

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The Quizlet flashcards, which WIRED found through basic Google searches, seem to include sensitive information about gate ...

KushoAI Launches APIEval-20, the First Open Benchmark for AI API Test Generation

-- No existing benchmark measured whether AI agents can find real API bugs from a schema and payload alone -- 100+ downloads in first week by developers and contributors; freely available on ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

This free app fixes the worst part of two-factor authentication

The problem with most 2FA apps is that they trap codes on a single device. That’s why I’ve ditched my old authenticator app ...

FanDuel promo code: Get $300 back in bonus bets every day for 10 days!

Get $300 Back in Bonus Bets Every Day for 10 days with our FanDuel sportsbook offer for new users.

The Digital DNA Defense In The AI Fight Against Financial Crime

As cybercriminals leverage generative AI to craft hyper-realistic phishing campaigns and deepfake-enhanced attacks, the ...