Claude Code hijack, GodDamn blinds EDR, Injective crypto drain
Researchers Andre Hall and Miller Engelbrecht show how Claude Code can be tricked into opening a reverse shell by chaining a benign README, Makefile and test file, with the actual payload fetched from a DNS TXT record at runtime. The attack demonstrates full system compromise without any malicious code in the repository.
SentinelOne tracked separate Chinese and Indian cyber‑espionage campaigns that both compromised the Balochistan Police’s web portals between 2024 and 2026. The actors planted implants and used tools like PlugX and Cobalt Strike, seeking biometric and criminal data to monitor internal security and protect their nationals. Their overlap signals the high value of Pakistani law‑enforcement intel.
A compromised GitHub account let attackers publish version 1.20.21 of @injectivelabs/sdk‑ts, which silently captured wallet private keys and mnemonic seeds when SDK functions ran. The code exfiltrated the data to an Injective Labs endpoint, affecting developers who updated the package before the fix. Rotate wallets and purge the infected version immediately.
Symantec’s Threat Hunter Team discovered GodDamn ransomware leveraging a Microsoft‑signed PoisonX kernel driver to disable AV/EDR defenses via a BYOVD attack. The same campaign combined AnyDesk remote access, NirSoft credential theft tools, and PsExec lateral movement, marking a sophisticated escalation in ransomware evasion tactics.
CISA disclosed that a contractor accidentally published AWS GovCloud keys and build code in a personal GitHub repo, prompting an immediate shutdown and credential rotation. The breach was contained within CISA's environment, with no customer data exposed, and led to tighter repository controls across the agency.
Eight Greeks targeted by the Predator spyware have filed a civil suit against Intellexa SA and thirteen associated individuals, demanding €1 million in moral damages per plaintiff. The case revives the 2022 ‘Predatorgate’ scandal that toppled Greece’s intelligence chief and sparked a government confidence vote.
MEPs won the vote tally but failed to reach the 360‑seat super‑majority needed to block the interim CSAM‑scanning rule. The client‑side scanning proposal, dubbed ‘Chat Control’, is back on the table for further negotiation, extending privacy concerns across the EU.
Chinese cybersecurity platform flagged Anthropic’s Claude Code versions 2.1.91‑2.1.196 as containing a backdoor that can transmit location and identity to remote servers. Users must uninstall or upgrade to 2.1.204, highlighting escalating geopolitical scrutiny of AI coding tools.
npm v12 flips the default to disallow preinstall, install and postinstall scripts, and also blocks Git and remote URL dependencies unless explicitly approved. This forces developers to opt‑in to any lifecycle code, cutting a major attack vector that fueled recent supply‑chain breaches.
Researchers reveal a prompt‑injection technique called HalluSquatting that hijacks the tendency of LLMs to hallucinate repository or skill names. By pre‑registering these fake identifiers, attackers can trick nine popular AI coding assistants into fetching malicious code, achieving remote execution and scaling botnet deployment at unprecedented scale.
Subscribe free