AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
Live Bitcoin News

Cardano Rosetta Java v2.1.0: Governance Just Got Real

Cardano Rosetta Java v2.1.0 is live with full Conway-era governance support, SPO Voting, DRep Delegation, and CIP-129 across all endpoints.
The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code ...
marktechpost

Agoda Open Sources APIAgent to Convert Any REST pr GraphQL API into an MCP Server with Zero Code

Until recently, if you wanted your AI agent to check flight prices or look up a database, you had to write a custom tool. When Anthropic released the Model Context Protocol (MCP), it created a ...
Business Wire

Snowflake Unveils Cortex Code, An AI Coding Agent That Drastically Increases Productivity by Understanding Your Enterprise Data Context

Cortex Code, Snowflake’s AI coding agent, helps customers like Braze, Decile, dentsu, FYUL, LendingTree, Shelter Mutual Insurance, TextNow, United Rentals, and WHOOP perform complex data engineering, ...
Deep

Free Joins Nokia’s Network as Code API Ecosystem to Boost Developer Access

French telecommunications operator Free has joined Nokia’s Network as Code API ecosystem, making it easier for developers and enterprises to build, test and deploy new applications that securely tap ...
TechCrunch

OpenAI boasts enterprise win days after internal ‘code red’ on Google threat

OpenAI released new data Monday showing enterprise usage of its AI tools has surged dramatically over the past year, with ChatGPT message volume growing 8x since November 2024 and workers reporting ...
Bleeping Computer

OAuth Device Code Phishing: Azure vs. Google Compared

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...
SecurityWeek

Claude AI APIs Can Be Abused for Data Exfiltration

An attacker can inject indirect prompts to trick the model into harvesting user data and sending it to the attacker’s account. Attackers can use indirect prompt injections to trick Anthropic’s Claude ...