codeinaboxEnglish · 4 days agoGitHub Actions Cache Poisoning is eating open sourceplus-squareneciudan.devexternal-linkmessage-square8linkfedilinkarrow-up131arrow-down11
arrow-up130arrow-down1external-linkGitHub Actions Cache Poisoning is eating open sourceplus-squareneciudan.devcodeinaboxEnglish · 4 days agomessage-square8linkfedilink
codeinaboxEnglish · 10 days agoMythos finds a curl vulnerabilityplus-squaredaniel.haxx.seexternal-linkmessage-square1linkfedilinkarrow-up113arrow-down11
arrow-up112arrow-down1external-linkMythos finds a curl vulnerabilityplus-squaredaniel.haxx.secodeinaboxEnglish · 10 days agomessage-square1linkfedilink
codeinaboxEnglish · 14 days agoWhy “Trusted Publishing†Can’t Save Us from Social Engineeringplus-squareadventures.nodeland.devexternal-linkmessage-square0linkfedilinkarrow-up14arrow-down10
arrow-up14arrow-down1external-linkWhy “Trusted Publishing†Can’t Save Us from Social Engineeringplus-squareadventures.nodeland.devcodeinaboxEnglish · 14 days agomessage-square0linkfedilink
codeinaboxEnglish · 15 days agoYour Container Is Not a Sandboxplus-squareemirb.github.ioexternal-linkmessage-square7linkfedilinkarrow-up131arrow-down12
arrow-up129arrow-down1external-linkYour Container Is Not a Sandboxplus-squareemirb.github.iocodeinaboxEnglish · 15 days agomessage-square7linkfedilink
codeinaboxEnglish · 20 days agoArbitrary code execution and Claude Code CLI: How Claude executed code before you click 'trust'plus-squarewww.sonarsource.comexternal-linkmessage-square1linkfedilinkarrow-up19arrow-down11
arrow-up18arrow-down1external-linkArbitrary code execution and Claude Code CLI: How Claude executed code before you click 'trust'plus-squarewww.sonarsource.comcodeinaboxEnglish · 20 days agomessage-square1linkfedilink
codeinaboxEnglish · 22 days agoAt Machine Speedplus-squarematthiasott.comexternal-linkmessage-square0linkfedilinkarrow-up15arrow-down10
arrow-up15arrow-down1external-linkAt Machine Speedplus-squarematthiasott.comcodeinaboxEnglish · 22 days agomessage-square0linkfedilink
schnurrito@discuss.tchncs.deEnglish · 23 days agoOpen source package with 1 million monthly downloads stole user credentialsplus-squarearstechnica.comexternal-linkmessage-square1linkfedilinkarrow-up121arrow-down10
arrow-up121arrow-down1external-linkOpen source package with 1 million monthly downloads stole user credentialsplus-squarearstechnica.comschnurrito@discuss.tchncs.deEnglish · 23 days agomessage-square1linkfedilink
codeinaboxEnglish · 25 days agoNpm Slop & Wonky Software Supply Chainsplus-squaresimonramstedt.comexternal-linkmessage-square0linkfedilinkarrow-up11arrow-down11
arrow-up10arrow-down1external-linkNpm Slop & Wonky Software Supply Chainsplus-squaresimonramstedt.comcodeinaboxEnglish · 25 days agomessage-square0linkfedilink
codeinaboxEnglish · 27 days agoMythos Mystery in Mozilla Numbers: How 22 Vulns Became 271 or Maybe 3 in Aprilplus-squarewww.flyingpenguin.comexternal-linkmessage-square0linkfedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkMythos Mystery in Mozilla Numbers: How 22 Vulns Became 271 or Maybe 3 in Aprilplus-squarewww.flyingpenguin.comcodeinaboxEnglish · 27 days agomessage-square0linkfedilink
codeinaboxEnglish · 30 days agoThe Vercel breach started at a tool nobody was watchingplus-squaresiddhantkhare.comexternal-linkmessage-square1linkfedilinkarrow-up17arrow-down10
arrow-up17arrow-down1external-linkThe Vercel breach started at a tool nobody was watchingplus-squaresiddhantkhare.comcodeinaboxEnglish · 30 days agomessage-square1linkfedilink
justsouichiEnglish · edit-228 days agopompelmi – ClamAV antivirus scanning for Node.js, zero dependenciesplus-squaregithub.comexternal-linkmessage-square0linkfedilinkarrow-up12arrow-down12
arrow-up10arrow-down1external-linkpompelmi – ClamAV antivirus scanning for Node.js, zero dependenciesplus-squaregithub.comjustsouichiEnglish · edit-228 days agomessage-square0linkfedilink
codeinaboxEnglish · 1 month agoAnthropic secretly installs spyware when you install Claude Desktopplus-squarewww.thatprivacyguy.comexternal-linkmessage-square18linkfedilinkarrow-up1185arrow-down14
arrow-up1181arrow-down1external-linkAnthropic secretly installs spyware when you install Claude Desktopplus-squarewww.thatprivacyguy.comcodeinaboxEnglish · 1 month agomessage-square18linkfedilink
codeinaboxEnglish · 1 month agoWe Reproduced Anthropic's Mythos Findings With Public Modelsplus-squareblog.vidocsecurity.comexternal-linkmessage-square0linkfedilinkarrow-up111arrow-down10
arrow-up111arrow-down1external-linkWe Reproduced Anthropic's Mythos Findings With Public Modelsplus-squareblog.vidocsecurity.comcodeinaboxEnglish · 1 month agomessage-square0linkfedilink
codeinaboxEnglish · 1 month agoThe Boy That Cried Mythos: Verification is Collapsing Trust in Anthropicplus-squarewww.flyingpenguin.comexternal-linkmessage-square1linkfedilinkarrow-up115arrow-down11
arrow-up114arrow-down1external-linkThe Boy That Cried Mythos: Verification is Collapsing Trust in Anthropicplus-squarewww.flyingpenguin.comcodeinaboxEnglish · 1 month agomessage-square1linkfedilink
codeinaboxEnglish · 1 month agoCybersecurity Looks Like Proof of Work Nowplus-squarewww.dbreunig.comexternal-linkmessage-square0linkfedilinkarrow-up12arrow-down10
arrow-up12arrow-down1external-linkCybersecurity Looks Like Proof of Work Nowplus-squarewww.dbreunig.comcodeinaboxEnglish · 1 month agomessage-square0linkfedilink
codeinaboxEnglish · 1 month agoDependency cooldowns turn you into a free-riderplus-squarecalpaterson.comexternal-linkmessage-square0linkfedilinkarrow-up16arrow-down10
arrow-up16arrow-down1external-linkDependency cooldowns turn you into a free-riderplus-squarecalpaterson.comcodeinaboxEnglish · 1 month agomessage-square0linkfedilink
codeinaboxEnglish · 1 month agoAI “Watershed Moment†or expensive pen tester? The AISI Mythos Dataplus-squareblog.robbowley.netexternal-linkmessage-square0linkfedilinkarrow-up12arrow-down10
arrow-up12arrow-down1external-linkAI “Watershed Moment†or expensive pen tester? The AISI Mythos Dataplus-squareblog.robbowley.netcodeinaboxEnglish · 1 month agomessage-square0linkfedilink
codeinaboxEnglish · 1 month agoOur evaluation of Claude Mythos Preview’s cyber capabilitiesplus-squarewww.aisi.gov.ukexternal-linkmessage-square1linkfedilinkarrow-up14arrow-down10
arrow-up14arrow-down1external-linkOur evaluation of Claude Mythos Preview’s cyber capabilitiesplus-squarewww.aisi.gov.ukcodeinaboxEnglish · 1 month agomessage-square1linkfedilink
codeinaboxEnglish · 1 month agoNo one owes you supply-chain securityplus-squarepurplesyringa.moeexternal-linkmessage-square3linkfedilinkarrow-up114arrow-down11
arrow-up113arrow-down1external-linkNo one owes you supply-chain securityplus-squarepurplesyringa.moecodeinaboxEnglish · 1 month agomessage-square3linkfedilink
Innerworld@lemmy.worldEnglish · 1 month agoGoogle rolls out end-to-end encryption for Gmail on Android and iOS devices for enterprise users, letting them read and compose emails without additional toolsplus-squarewww.bleepingcomputer.comexternal-linkmessage-square1linkfedilinkarrow-up12arrow-down13
arrow-up1-1arrow-down1external-linkGoogle rolls out end-to-end encryption for Gmail on Android and iOS devices for enterprise users, letting them read and compose emails without additional toolsplus-squarewww.bleepingcomputer.comInnerworld@lemmy.worldEnglish · 1 month agomessage-square1linkfedilink
