The vulnerabilities added are CVE-2025-34291, an origin validation error in Langflow with a CVSS score of 9.4, and CVE-2026-34926, a directory traversal flaw in Trend Micro Apex One (on-premise) with a CVSS score of 6.7.
Tag: error
AI, Global Security News, Risk Management
Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
Threat actors leveraged Anthropic’s Claude Code npm release packaging error to distribute Vidar, GhostSocks, and PureLog Stealer. This blog details immediate steps organizations can take and best practices to prevent further risk.
AI, Global Security News
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks.
AI, Global Security News
Anthropic Leaks 512,000 Lines of Claude AI Code in Major Blunder
Human error exposed 512,000+ lines of Anthropic Claude AI Code, revealing KAIROS and Capybara secrets, pushing users to switch to the Native Installer.
AI, Apps, Data Breaches, Global Security News, Network Security, Risk Management
PayPal Flaw Exposed Sensitive Data in Lending App for Six Months
PayPal is notifying customers after a software error in its PayPal Working Capital (PPWC) loan application exposed certain personal information, including social security numbers, for nearly six months in 2025. Although the company said its core systems were not breached, the issue resulted in potential unauthorized access to sensitive customer data. “Upon learning about this…
Apps, Data Breaches, Global Security News
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. […]
Bitcoin, blockchain, Crypto, CryptoCurrency, Global Security News
Bithumb Mistakenly Sends 620,000 Bitcoin ($40B) to Customer Accounts
A system error at Bithumb sent 620,000 Bitcoin worth about $40B to hundreds of users during a promotion, briefly disrupting prices and drawing scrutiny.