#web-scraping-vulnerabilities
#web-scraping-vulnerabilities

Information security

Attackers are targeting developers via Slack and Google Sites

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

4 hours ago

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.

Attackers are targeting developers via Slack and Google Sites

A targeted phishing campaign exploits trust in the open-source community, tricking developers into providing credentials and installing malicious software.

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

OWASP Top 10 (2025 List) for Python Devs

The OWASP Top 10 has been updated with significant changes including supply chain attacks and exceptional condition handling.

fromFast Company

6 hours ago

How to hide your sensitive info (for real) when using ChatGPT and other AI chatbots

Chatbots can be useful for summarizing complex information, but sensitive data must be properly redacted to ensure privacy.

#cybersecurity

Software development

Claude Opus wrote a Chrome exploit for $2,283

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

fromYahoo Tech

Privacy technologies

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Information security

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

Hackers exploit vulnerabilities, including a fake app draining $9.5M, while new exploits like RedSun target Microsoft Defender.

Software development

Claude Opus wrote a Chrome exploit for $2,283

Anthropic withheld its Mythos model due to security concerns, while Opus 4.6 was used to create a functional exploit for Chrome's V8 engine.

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

Hackers exploited Windows vulnerabilities published by a researcher, affecting Windows Defender and allowing high-level access.

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

Hackers exploit vulnerabilities, including a fake app draining $9.5M, while new exploits like RedSun target Microsoft Defender.

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.

fromAP News

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech companies like Google to enhance their defenses against malicious ads.

fromSFGATE

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.

fromAP News

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech companies like Google to enhance their defenses against malicious ads.

more#generative-ai

Deliverability

fromenglish.elpais.com

Only 13% of emails are written by people, and more than half end up in the spam folder: This isn't a technical detail; it's a structural change'

Email is increasingly dominated by automated systems, with 87% of traffic generated by them, leading to declining effectiveness and user engagement.

Privacy technologies

fromTNW | Google

Google will penalise sites that hijack your browser's back button

Google will classify 'back button hijacking' as spam starting June 15, 2026, penalizing sites that misuse the browser History API.

Digital life

fromwww.dw.com

Dangerous Apps In the Web of Data Brokers

Smartphone apps collect detailed location data, often shared with data brokers, posing security risks to users, including soldiers and government officials.

Social media marketing

X's Big Bot Purge Wiped Out a Lot of People's Secret Porn Feeds

X's crackdown on bots has led to the suspension of many human accounts, including those used for private content curation.

US politics

The Internet's Most Powerful Archiving Tool Is in Peril

US media companies are restricting the Wayback Machine's ability to archive their content, despite benefiting from its preservation of information.

Media industry

fromDigiday

In Graphic Detail: New data shows publishers face growing AI bot, third-party scraper activity

A third-party scraper economy is emerging, complicating content protection for publishers as multiple vendors harvest and resell their data.

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

Information security

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

Information security

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.

Information security

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

more#malware

#data-breach

Clothing Retailer Patches Website Flaw Exposing Customer Data

A flaw in Express's website allowed unauthorized access to customer data through sequential order IDs in URLs.

fromwww.bbc.com

Booking.com customers warned of 'reservation hijacking' after hack

A data breach at Booking.com has led to increased scams known as 'reservation hijacks' targeting customers.

fromSecuritymagazine

McGraw Hill Data Breach Caused by Salesforce Misconfiguration

McGraw Hill experienced a data breach linked to a Salesforce misconfiguration, with ShinyHunters claiming to have stolen 45 million records.

Clothing Retailer Patches Website Flaw Exposing Customer Data

A flaw in Express's website allowed unauthorized access to customer data through sequential order IDs in URLs.

fromwww.bbc.com

Booking.com customers warned of 'reservation hijacking' after hack

A data breach at Booking.com has led to increased scams known as 'reservation hijacks' targeting customers.

fromSecuritymagazine

McGraw Hill Data Breach Caused by Salesforce Misconfiguration

McGraw Hill experienced a data breach linked to a Salesforce misconfiguration, with ShinyHunters claiming to have stolen 45 million records.

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

Cal is shifting from open source to proprietary licensing due to security risks posed by modern AI tools.

fromYcombinator

Show HN: OpenParallax: OS-level privilege separation for AI agent execution | Hacker News

An open-source AI agent was developed with a secure, sandboxed architecture to prevent data exfiltration and unauthorized actions.

Software development

fromZDNET

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

Cal is shifting from open source to proprietary licensing due to security risks posed by modern AI tools.

fromYcombinator

Show HN: OpenParallax: OS-level privilege separation for AI agent execution | Hacker News

An open-source AI agent was developed with a secure, sandboxed architecture to prevent data exfiltration and unauthorized actions.

This simple email trick saves me from annoying marketing spam (and it's free to do)

Using a dedicated shopping email can effectively reduce spam and clutter in your primary inbox.

#software-supply-chain

fromDevOps.com

The Open Source Trap: Why Trust Isn't a Security Strategy - DevOps.com

The software supply chain is vulnerable due to reliance on under-resourced open source maintainers, requiring active organizational support for security.

2 months ago

Information security

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

fromDevOps.com

The Open Source Trap: Why Trust Isn't a Security Strategy - DevOps.com

The software supply chain is vulnerable due to reliance on under-resourced open source maintainers, requiring active organizational support for security.

more#software-supply-chain

2 months ago

Information security

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

fromThe Cool Down

AI chatbots are subtly trying to make you buy more stuff - here's how to protect yourself

AI can influence consumer purchasing decisions without their awareness, often through subtle persuasion methods.

#ai-security

Information security

AI agents on GitHub leak API keys via prompt injection

Artificial intelligence

fromFuturism

3 weeks ago

OpenClaw Bots Are a Security Disaster

OpenClaw agents, personal AI assistants, pose significant security risks despite their popularity and capabilities.

Information security

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Information security

Git identity spoof fools Claude into giving bad code the nod

fromTNW | Anthropic

Anthropic, Google, and Microsoft paid AI agent bug bounties, then kept quiet about the flaws

Aonan Guan exploited prompt injection attacks to hijack AI agents from Anthropic, Google, and Microsoft, stealing sensitive API keys and tokens.

fromInfoQ

Claude Code Used to Find Remotely Exploitable Linux Kernel Vulnerability Hidden for 23 Years

Claude Code identified multiple security vulnerabilities in the Linux kernel, including a long-standing heap buffer overflow, with minimal oversight required.

AI agents on GitHub leak API keys via prompt injection

Three popular AI agents on GitHub Actions are vulnerable to Comment and Control attacks, allowing attackers to steal API keys and access tokens.

Artificial intelligence

fromFuturism

3 weeks ago

OpenClaw Bots Are a Security Disaster

OpenClaw agents, personal AI assistants, pose significant security risks despite their popularity and capabilities.

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

A prompt injection attack method named 'Comment and Control' targets AI code security tools, allowing attackers to hijack AI agents using crafted GitHub comments.

Git identity spoof fools Claude into giving bad code the nod

AI code reviewers can be deceived into approving malicious code by spoofing trusted developer identities using Git commands.

fromTNW | Anthropic

Anthropic, Google, and Microsoft paid AI agent bug bounties, then kept quiet about the flaws

Aonan Guan exploited prompt injection attacks to hijack AI agents from Anthropic, Google, and Microsoft, stealing sensitive API keys and tokens.

fromInfoQ

Claude Code Used to Find Remotely Exploitable Linux Kernel Vulnerability Hidden for 23 Years

Claude Code identified multiple security vulnerabilities in the Linux kernel, including a long-standing heap buffer overflow, with minimal oversight required.

more#ai-security

fromElectronic Frontier Foundation

Google Broke Its Promise to Me. Now ICE Has My Data.

Google provided user data to ICE without notification, violating a promise to users.

Cursor AI Vulnerability Exposed Developer Devices

A vulnerability in Cursor AI allows attackers to hijack developer machines via malicious repositories without user interaction.

fromArs Technica

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.

Privacy professionals

#north-korea

Information security

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

more#north-korea

BrowserGate: Claims of LinkedIn 'Spying' Clash With Security Research Findings

LinkedIn allegedly scans users' computers to collect data on browser extensions, raising concerns about corporate espionage.

Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

Malicious WordPress plugins with backdoors compromised thousands of websites, demonstrating a supply-chain attack and leading to their permanent removal.

fromTNW | Apps

30+ WordPress plugins bought on Flippa and backdoored in supply chain attack

A significant WordPress plugin compromise involved a backdoor planted in over 30 plugins, exposing a critical vulnerability in plugin ownership transfer and update mechanisms.

Someone planted backdoors in dozens of WordPress plugins used in thousands of websites | TechCrunch

Dozens of WordPress plugins were compromised by a backdoor, distributing malicious code after a change in ownership of the plugin maker.

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

A critical vulnerability in Ninja Forms allows file uploads that could lead to remote code execution on affected websites.

Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

Malicious WordPress plugins with backdoors compromised thousands of websites, demonstrating a supply-chain attack and leading to their permanent removal.

fromTNW | Apps

30+ WordPress plugins bought on Flippa and backdoored in supply chain attack

A significant WordPress plugin compromise involved a backdoor planted in over 30 plugins, exposing a critical vulnerability in plugin ownership transfer and update mechanisms.

Someone planted backdoors in dozens of WordPress plugins used in thousands of websites | TechCrunch

Dozens of WordPress plugins were compromised by a backdoor, distributing malicious code after a change in ownership of the plugin maker.

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

A critical vulnerability in Ninja Forms allows file uploads that could lead to remote code execution on affected websites.

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

A vulnerability in Apache ActiveMQ Classic, CVE-2026-34197, is being actively exploited, requiring immediate patching by organizations.

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A high-severity security flaw in Apache ActiveMQ Classic, CVE-2026-34197, is actively exploited, requiring urgent fixes by April 30, 2026.

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

A vulnerability in Apache ActiveMQ Classic, CVE-2026-34197, is being actively exploited, requiring immediate patching by organizations.

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A high-severity security flaw in Apache ActiveMQ Classic, CVE-2026-34197, is actively exploited, requiring urgent fixes by April 30, 2026.

more#apache-activemq

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.

100 Chrome Extensions Steal User Data, Create Backdoor

Over 20,000 users installed malicious Chrome extensions that steal information, provide backdoors, or inject ads, as reported by cybersecurity firm Socket.

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A social engineering campaign exploits Obsidian to distribute PHANTOMPULSE trojan targeting financial and cryptocurrency sectors.

Ancient Excel bug comes out of retirement for active attacks

A 17-year-old critical Excel vulnerability is actively being exploited, prompting CISA to issue a patch deadline for federal agencies.

#microsoft

Information security

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

fromComputerworld

Information security

Microsoft's Windows Recall still allows silent data extraction

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft's Patch Tuesday updates address 165 vulnerabilities, including a critical SharePoint zero-day exploit tracked as CVE-2026-32201.

Information security

April Patch Tuesday brings zero-days in Defender, SharePoint Server | Computer Weekly

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

Microsoft's Zero Day Quest 2026 awarded $2.3 million for discovering 80 high-impact vulnerabilities in cloud and AI services.

fromComputerworld

Microsoft's Windows Recall still allows silent data extraction

Microsoft needs to enhance code integrity for AIXHost.exe to prevent injection attacks.

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft's Patch Tuesday updates address 165 vulnerabilities, including a critical SharePoint zero-day exploit tracked as CVE-2026-32201.

April Patch Tuesday brings zero-days in Defender, SharePoint Server | Computer Weekly

Microsoft's April Patch Tuesday update addresses over 160 issues, including two critical zero-day vulnerabilities, marking one of the largest updates in history.

Splunk Enterprise Update Patches Code Execution Vulnerability

Splunk has released fixes for high and medium-severity vulnerabilities in its products, including Splunk Enterprise, Cloud Platform, and MCP Server.

McGraw-Hill Confirms Data Exposure, Hackers Claim 45M Salesforce Records Leaked

Unauthorized access to limited internal data at McGraw-Hill was linked to a Salesforce misconfiguration, raising concerns about potential identity fraud and harassment.

Exploited Vulnerability Exposes Nginx Servers to Hacking

A critical vulnerability in Nginx UI allows attackers to take full control of servers, affecting numerous deployments worldwide.

Critical nginx-ui Vulnerability CVE-2026-33032 Allows Unauthenticated Nginx Takeover

A critical authentication bypass vulnerability in nginx-ui allows attackers to take control of the Nginx service without authentication.

Exploited Vulnerability Exposes Nginx Servers to Hacking

A critical vulnerability in Nginx UI allows attackers to take full control of servers, affecting numerous deployments worldwide.

Critical nginx-ui Vulnerability CVE-2026-33032 Allows Unauthenticated Nginx Takeover

A critical authentication bypass vulnerability in nginx-ui allows attackers to take control of the Nginx service without authentication.

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

OpenAI launched GPT-5.4-Cyber, a cybersecurity AI model, expanding access to verified defenders and enhancing capabilities for vulnerability analysis.

GPT-5.4-Cyber aims to further embed AI in cybersecurity

OpenAI's GPT-5.4-Cyber enhances generative AI for cybersecurity, focusing on defensive applications and providing trusted users with advanced capabilities.

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

OpenAI launched GPT-5.4-Cyber, a cybersecurity AI model, expanding access to verified defenders and enhancing capabilities for vulnerability analysis.

GPT-5.4-Cyber aims to further embed AI in cybersecurity

OpenAI's GPT-5.4-Cyber enhances generative AI for cybersecurity, focusing on defensive applications and providing trusted users with advanced capabilities.

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

Threat actors are weaponizing n8n to conduct phishing campaigns and deliver malicious payloads through automated emails.

Server-room lock was nothing but a crock

A security vulnerability allowed unauthorized access to a server room due to a flaw in the two-factor authentication lock.

Ransomware Hits Automotive Data Expert Autovista

We are responding to a ransomware incident affecting certain Autovista systems in Europe and Australia. We appreciate our customers' patience as we work to respond to this incident in a disciplined manner.

Information security

New PHP Composer Flaws Enable Arbitrary Command Execution - Patches Released

Two high-severity vulnerabilities in Composer could allow arbitrary command execution through command injection flaws in the Perforce VCS driver.

'By Design' Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

MCP's architectural flaw allows adversarial takeover of user systems, exposing sensitive data and enabling malware installation.

Critical Fortinet sandbox bugs allow auth bypass and RCE

Two critical vulnerabilities in Fortinet's sandbox allow unauthenticated attackers to bypass authentication or execute unauthorized code.

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

Critical vulnerabilities in Adobe, Fortinet, Microsoft, and SAP products were highlighted in April's Patch Tuesday releases.

fromAxios

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.

fromFinbold

Kraken insider extortion reveals remote work security blind spot

"Shortly after access was terminated, we began receiving extortion demands. The criminals threatened to distribute materials from both the February 2025 incident and the recent incident to media outlets and on social media if we did not comply. We will not pay these criminals," Percoco stated.

Information security

fromInfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CVSS-9.3 vulnerability in Marimo allows unauthenticated remote code execution, exploited shortly after disclosure.

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.

fromArs Technica

UK gov's Mythos AI tests help separate cybersecurity threat from hype

Mythos outperformed previous models in TLO tests, showing capability in attacking vulnerable systems but still facing limitations in complex scenarios.

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe released an emergency patch for a critical vulnerability in its products, exploited since December 2025, with a CVSS score of 8.6.

Ransomware scum, other crims exploit 4 old Microsoft bugs

Four Microsoft vulnerabilities are actively exploited, including one from 2012, prompting CISA to urge federal agencies to patch them within two weeks.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

Is 46% of your AI-generated code vulnerable?

46% of AI-generated code contains security vulnerabilities, necessitating integrated governance throughout the software delivery lifecycle.

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

A campaign targets ComfyUI instances for cryptocurrency mining and botnet enlistment through remote code execution exploits.

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors exploit HTTP cookies for PHP web shells on Linux servers, enabling remote code execution with stealthy control mechanisms.

fromInfoQ

PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information

A supply chain attack on LiteLLM led to over 40,000 downloads of a compromised package that harvested sensitive information.

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Stolen credentials via infostealers like Venom Stealer are central to modern cybercrime.