CYBERSECURITY
North Korea Linked to $2B in Crypto Hacks in 2025: CertiK
CertiK reports North Korea stole $2.06B in crypto in 2025, accounting for 60% of global hack losses, funding nuclear programs.
Linux Vulnerability 'Copy Fail' Exposes Crypto Systems to Risk
A new Linux bug, 'Copy Fail,' enables root access with 10 lines of Python, posing potential risks for crypto infrastructure.
Robinhood Phishing Scam Exploits Gmail Trick to Target Users
Hackers exploited Gmail's dot alias feature and flaws in Robinhood's account setup to send verified phishing emails, tricking users into exposing credentials.
HKMA Warns of Phishing Scams Targeting Alipay HK Users
The HKMA has issued a warning about phishing messages and calls impersonating Alipay HK. Users are urged to stay vigilant and report suspicious activity.
US Admiral Calls Bitcoin Key to Cybersecurity and Power Projection
Admiral Samuel Paparo sees Bitcoin as a strategic tool for U.S. cybersecurity and national power, emphasizing its proof-of-work advantages.
NVIDIA Red Team Exposes AI Coding Agent Vulnerability in OpenAI Codex
NVIDIA researchers demonstrate how malicious dependencies can hijack AI coding assistants through AGENTS.md injection, hiding backdoors in pull requests.
Anthropic Launches Claude Opus 4.7 With Enhanced Coding and Cyber Safeguards
Anthropic releases Claude Opus 4.7 with 13% coding benchmark gains, new cybersecurity restrictions, and improved vision capabilities at unchanged API pricing.
Obsidian Notes App Exploited in Crypto Wallet Heist Scheme
Elastic Security Labs uncovers PHANTOMPULSE malware targeting crypto users through Obsidian's community plugins. Attackers use LinkedIn and Telegram for initial contact.
OpenAI Rotates macOS Certificates After Axios Supply Chain Attack
OpenAI responds to North Korea-linked Axios npm compromise by rotating code signing certificates. macOS users must update ChatGPT, Codex apps by May 8.
Anthropic Warns AI-Powered Cyberattacks Will Surge Within 24 Months
Anthropic releases security guidelines as Project Glasswing reveals frontier AI models can now find and exploit vulnerabilities faster than human defenders.
GitHub Actions 2026 Security Roadmap Targets Supply Chain Attacks
GitHub unveils major security overhaul for Actions with dependency locking, egress firewalls, and policy controls to combat rising CI/CD supply chain attacks.
OpenAI Launches Safety Bug Bounty Program Targeting AI Agent Vulnerabilities
OpenAI expands its security efforts with a new Safety Bug Bounty program focused on agentic risks, prompt injection attacks, and data exfiltration in AI products.
OpenAI Reveals How ChatGPT Now Fights Prompt Injection Attacks
OpenAI details new 'Safe Url' defense system treating AI prompt injection like social engineering, with attacks succeeding 50% of the time before fixes.
NVIDIA Launches OpenShell Runtime for Safer Autonomous AI Agents
NVIDIA unveils OpenShell, an open-source runtime enabling safer deployment of self-evolving AI agents with sandboxed execution and policy-based security controls.
Anthropic AI Discovers 22 Firefox Vulnerabilities in Two Weeks
Claude Opus 4.6 found 14 high-severity Firefox bugs, nearly a fifth of all critical vulnerabilities fixed in 2025. Mozilla shipped fixes to hundreds of millions of users.