Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...

Anthropic’s Claude found 22 vulnerabilities in Firefox in two weeks

The test also showed that Claude is significantly better at finding security flaws than at writing code to exploit them. Despite spending around $4,000 in API credits, the team on ...