Two critical security vulnerabilities discovered in Anthropic's Claude Code have demonstrated how artificial intelligence tools designed to enhance developer productivity can be weaponized against themselves through sophisticated prompt engineering techniques. The vulnerabilities, tracked as CVE-2025-54794 and CVE-2025-54795, allowed attackers...

Mozilla has issued an urgent advisory to add-on developers, alerting them to a sophisticated phishing campaign aimed at compromising accounts on the Mozilla Add-ons (AMO) platform. The security teams detected the malicious effort when several developers reported receiving deceptive...

A newly disclosed vulnerability in FUJIFILM’s Internet Printing Protocol (IPP) and Line Printer Daemon (LPD) processing logic allows malicious actors to send specially crafted packets that can freeze affected printers, causing a denial-of-service (DoS) condition. FUJIFILM has released...

Security researchers have successfully exploited a critical zero-day vulnerability in the Linux kernel, compromising multiple Google kernelCTF instances and Debian 12 systems with a near-perfect success rate. The vulnerability, now designated as CVE-2025-38001, represents a sophisticated Use-After-Free vulnerability in...

On August 2, 2025, blockchain analytics firm Arkham Intelligence revealed that Chinese mining pool LuBian suffered what appears to be the largest Bitcoin heist in history, with 127,426 BTC stolen in December 2020—worth approximately $3.5 billion at the time...

A critical vulnerabilities in Partner Software and Partner Web applications that pose significant risks to government agencies and municipal organizations across the United States. The vulnerabilities allow authenticated attackers to execute arbitrary code on compromised systems, potentially granting complete...