Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking

/in

Mitiga researchers say attackers can silently redirect Claude Code MCP traffic, intercept OAuth tokens, and maintain persistent access to connected SaaS platforms.

The post Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking appeared first on SecurityWeek.

SecurityWeek – ​Read More

Boost Security Raises $4 Million for SDLC Defense Platform

/in

The company is expanding its platform’s capabilities with the acquisition of SecureIQx and Korbit.ai.

The post Boost Security Raises $4 Million for SDLC Defense Platform appeared first on SecurityWeek.

SecurityWeek – ​Read More

Police arrest SMS blaster crew that sent malicious messages to thousands across Toronto

/in

Toronto police said this is the “first known instance” of an SMS blaster being used in Canada.

Security News | TechCrunch – ​Read More

Researcher Shows Edge Browser Stores Saved Passwords in Plaintext

/in

Cybersecurity expert Tom Rønning finds Microsoft Edge loads all saved passwords into computer memory as cleartext, making them easy for hackers to steal.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

Polish intelligence warns hackers attacked water treatment control systems

/in

The agency did not publicly attribute the incidents to a specific group or country but said Poland faced intensified hostile cyber activity in 2024 and 2025, “with particular emphasis on the special services of the Russian Federation.”

The Record from Recorded Future News – ​Read More

AI Coding Agents Could Fuel Next Supply Chain Crisis

/in

“TrustFall” attack shows how AI coding agents can be manipulated into launching stealthy supply chain compromises.

The post AI Coding Agents Could Fuel Next Supply Chain Crisis appeared first on SecurityWeek.

SecurityWeek – ​Read More

‘TrustFall’ Exposes Claude Code Execution Risk

/in

Researchers find malicious repositories can trigger code execution in Claude Code with minimal or no user interaction.

darkreading – ​Read More

World’s First AI-Driven Cyberattack Couldn’t Breach OT Systems

/in

The most sophisticated AI-integrated campaign to date hit a brick wall in the form of a SCADA login screen.

darkreading – ​Read More

10 secret Netflix codes I use to find hidden movies – try them now

/in

Netflix codes make it easy to find buried genres and micro-categories. Here’s how to use them – and my favorite ones.

Latest news – ​Read More

Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack

/in

Attackers could inject prompts into a GitHub issue and take over the AI agent designed to automatically triage the issue.

The post Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack appeared first on SecurityWeek.

SecurityWeek – ​Read More