AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Anthropic rolls out Code Review for Claude Code as it sues over Pentagon blacklist and partners with Microsoft

Anthropic launches Code Review for Claude Code, a multi-agent AI system that audits pull requests for bugs at $15–$25 per review, as the company sues the Trump administration over a Pentagon “supply ...

YouTube Expands AI Deepfake Detection Tool to Journalists, Politicians

YouTube is launching a new pilot program giving government officials, journalists and political candidates access to a likeness detection tool designed to protect their identities as AI-generated ...

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...