The Hacker News

New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs

StackWarp is a hardware flaw affecting AMD Zen 1–5 CPUs that allows privileged hosts to execute code inside SEV-SNP ...

Patch or die: VMware vCenter Server bug fixed in 2024 under attack today

If you skipped it back then, now’s a very good time You've got to keep your software updated. Some unknown miscreants are ...

AI and Security: Zero-day exploits through AI are already a reality

AIs can create complex zero-day exploits. The consequence: The search for security vulnerabilities is successfully industrialized and scaled.
WinBuzzer

Windows 11 Update Issues Force User Choice: Outlook Email Access or System Security

Microsoft has issued guidance to uninstall KB5074109 security update or switch to webmail after the patch caused Outlook ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...
SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete arbitrary files.
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...
The Register on MSN

Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution

Prompt injection for the win Anthropic has fixed three bugs in its official Git MCP server that researchers say can be ...

Confidential Apple data hacked in claimed Luxshare attack

Highly confidential information concerning Apple, the company’s business practices, and designs has allegedly been hacked in ...