Tag: security
Hasbro hit by major cyberattack — toymaker confirms ‘unfortunate incident’ takes down some parts of its websites
Hasbro confirms cyberattack forcing temporary IT shutdown and containment measures Investigation ongoing into possible data theft; no group has claimed responsibility Company remains operational but warns interim measures may cause delays for several weeks American toy and entertainment giant Hasbro has confirmed suffering a cyberattack which forced it to temporarily…
Read More
‘API credentials are widely and publicly exposed on the web’: Experts scour 10 million web pages and find a shocking amount of security info just lying around
Thousands of exposed API keys quietly grant access to critical systems Public webpages contain credentials that unlock cloud and payment services Developers unknowingly leave sensitive API tokens embedded in live websites Security researchers from Stanford University, UC Davis, and TU Delft say sensitive API credentials are sitting openly on thousands…
Read More
Anthropic confirms it leaked 512,000 lines of Claude Code source code — spilling some of its biggest secrets
Anthropic employee accidentally leaked Claude Code source via npm map file Leak exposed 1,900 TypeScript files with 500K+ lines of code, quickly mirrored on GitHub Anthropic confirmed no customer data exposed, calling it a packaging error amid recent vulnerabilities like ShadowPrompt and Cloudy Day An Anthropic employee accidentally leaked the…
Read More
‘From 16 hours to under 5 minutes’: How Gen AI is turning fraud into a $400B+ global industry — and experts warn that it’s just the beginning
AI reduces fraud setup time from hours to minutes globally Scam success rates increase sharply within the first day of contact Deepfake tools strengthen credibility across complex multi-stage fraud operations Financial fraud has expanded into a high-volume global activity, with losses estimated at over $400 billion within a single year.…
Read More
Huge numbers of web stores are facing attack from this dangerous new malware
PolyShell vulnerability in Magento/Adobe Commerce mass exploited, hitting over half of vulnerable stores Attackers deploy novel WebRTC-based credit card skimmer to evade security controls Compromised versions targeted since March 19, including high-value ecommerce sites PolyShell, a newly discovered vulnerability in certain Magento Open Source and Adobe Commerce installations, is now…
Read More
‘A sophisticated threat that is quietly reshaping the economics of digital fraud’: How hackers are employing virtual cloud phones to power major scams
Group-IB warns criminals using virtual Android “cloud phones” for APP scams Devices mimic real fingerprints, bypassing bank security and enabling fraud Darknet markets sell pre-warmed accounts; anomalies in apps, IP, and behavior can help detect them Criminals have started using virtual Android devices to bypass modern security solutions and successfully…
Read More