Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why

A rogue AI agent at Meta exposed sensitive internal data despite passing every identity check. Here are the four post-authentication gaps in enterprise IAM that made it possible — and the governance ...
Infosecurity Magazine

'CursorJack’ Attack Path Exposes Code Execution Risk in AI Development Environment

A method that could enable code execution through manipulated installation links in an AI development environment has been identified by security researchers. The technique, dubbed CursorJack by ...

How to Build Claude Code Skills for Task Automation & Workflows

Step-by-step walkthrough explaining how to create custom Claude Skills to automate repetitive tasks and business processes.
Bleeping Computer

Trend Micro warns of critical Apex One code execution flaws

Japanese cybersecurity software firm Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. Apex One is ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Fake Claude Code Spreads Malware to Windows, macOS Users

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows ...

A Practical Guide to Autonomous Evaluation Loops in Claude Code

The guide explains two layers of Claude Code improvement, YAML activation tuning and output checks like word count and sentence rules.
Infosecurity-magazine.com

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Researchers at OX Security have detected four vulnerabilities in three of the most popular integrated development environments (IDEs) that could lead to cyber-attacks. In a report published on ...