SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

‘We should be at $2.25 at the pump’: Trump says Exxon, Chevron, Shell and BP are price gouging drivers. Do you agree?

President Donald Trump is accusing major oil companies of keeping gasoline prices artificially high despite a sharp drop in ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Samsung will start charging for SmartThings API access

Samsung just announced it's going to start charging for SmartThings API access, which is the company's smart home automation ...
SecurityWeek

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Amazon Q vulnerability could allow attackers to steal developer cloud credentials by luring them into opening a booby-trapped ...

Oil price falls back to pre-Iran war levels

Signs that traffic through the key Strait of Hormuz shipping route is gradually resuming has helped to push the oil price ...
OilPrice.com

Trump Singles Out Exxon, Chevron, Shell, and BP Over High Gas Prices

President Trump publicly named Exxon, Chevron, Shell, and BP as companies he believes are keeping gasoline prices ...

Trump accuses big oil firms of price-gouging drivers

The US president named Shell, ExxonMobil, BP and Chevron when talking to reporters about a probe into fuel prices.

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...

Developer laptops are the credential store attackers are picking through in 2026, GitGuardian announces Endpoint Protection

Widely adopted by developer communities, GitGuardian is the #1 security application on GitHub Marketplace and is used by over ...
The Hacker News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses ...

Teads Announces Audience API Integration with Havas Media Network

Teads, the omnichannel outcomes platform, today announced the integration of its Audience Planning API into Havas Media Network’s Converged.AI platform, enabling planners to activate audiences ...