BBLabs NewsBBLabs News
NewsAll articlesTopics
ES
Live·36 d ago·Malicious npm targets Claude AI user directory
31 articles·4 streams
  1. Home
  2. ›Archive
Back to home
Archive

All articles

31 published articles · search, filter and sort as you wish.

Orden
Orden
Showing 24 of 31 articles · Page 1 of 2
Destacado
IA4 jun 2026·2 min

Malicious npm targets Claude AI user directory

npm package `mouse5212-super-formatter` exfiltrates files from Claude AI's user data directory to GitHub.

  • Audit global npm dependencies with `npm ls -g` to catch unknown packages.
  • Review `/mnt/user-data` contents and treat any sensitive files there as compromised.
  • Block unexpected outbound traffic to `api.github.com` from dev processes in your SIEM.
Gorka El Bochi Morillo
Leer artículo
Ciberataques4 jun 2026·2 min

Megalodon malware hits 5,500+ GitHub repos in 6 hours

Megalodon malware pushed malicious commits to 5,500+ GitHub repos in six hours, stealing developer credentials and secrets.

Leer artículo
IA3 jun 2026·2 min

ChatGPhish: how ChatGPT web summaries become phishing lures

ChatGPT's web summary renderer trusts external Markdown, enabling indirect prompt injection attacks that deliver phishing links inside trusted AI responses.

Leer artículo
Newsletter

Una historia al día. Cero ruido.

Elige las ramas que quieres recibir. Cancela cuando quieras.

1 email
/día
4 ramas
a elegir
20:00
CET
  • CVE · IA · Bug Bounty · Cyber
  • Sin spam, sin tracking invasivo

Sin tarjeta · Cancela en 1 clic

Ciberataques3 jun 2026·2 min

JINX-0164 hits crypto firms with fake recruiter macOS malware

JINX-0164 uses fake recruiter lures to deploy custom macOS malware against crypto firms and steal digital assets.

Leer artículo
IA2 jun 2026·2 min

Claude Mythos goes public: what the security delay means

Anthropic confirms Mythos-class Claude models will reach the public after a delay over software security risks.

Leer artículo
IA1 jun 2026·1 min

GreyVibe uses ChatGPT & Gemini to power cyberattacks

Russian-linked GreyVibe cluster weaponizes ChatGPT and Gemini to generate phishing lures targeting Ukrainian organizations.

Leer artículo
Newsletter BBLabs

Lo que importa hoy, filtrado por la IA.

Un email al día con los CVE críticos, breaches activos, writeups jugosos y novedades en IA.

  • Personaliza qué ramas recibes
  • Un email al día · ~20:00 CET
  • Cancela en un clic
Recibe el próximo

Sin spam · sin tracking invasivo · cancela en 1 clic

Ciberataques1 jun 2026·2 min

Dutch police arrest admins of bulletproof hosting used by Russian hackers

Dutch authorities arrested two admins of a bulletproof hosting service — infrastructure that ignores legal takedown requests — used by Russia-aligned threat actors.

Leer artículo
CVE1 jun 2026·2 min

Microsoft removes GitHub account over public zero-day drops

Microsoft removes GitHub account of researcher who publicly dropped zero-days without coordinated disclosure, then publicly endorses CVD.

Leer artículo
Ciberataques31 may 2026·2 min

Dutch police seize 200+ servers, kill 17M-device botnet

Dutch police take down a 17-million-device botnet and seize 200+ servers from a local hosting provider.

Leer artículo
Newsletter

Recibe lo más relevante en tu inbox, sin paja.

Un email al día con los CVE, breaches, writeups y novedades en IA que de verdad importan. Cancela cuando quieras.

IA31 may 2026·2 min

ChatGPT share links abused to deliver malware

Threat actors are abusing ChatGPT share links to serve fake OpenAI outage pages that deliver malware disguised as the desktop app.

Leer artículo
Bug Bounty31 may 2026·2 min

Shopify: email confirmation bypass → account takeover

@ngalog bypassed Shopify's patch for a prior email-confirmation bug and verified arbitrary emails to access accounts they didn't own.

Leer artículo
CVE31 may 2026·2 min

Emergency SharePoint patch: update now

Microsoft issued an out-of-band SharePoint patch, signaling active exploitation or critical severity outside the normal Patch Tuesday cycle.

Leer artículo
IA30 may 2026·2 min

Anthropic's Mythos: 23K vulns found in 1,000 OSS projects

Anthropic's Mythos AI agent detected 23,000 potential vulnerabilities across 1,000 open source projects, many already confirmed critical.

Leer artículo
Ciberataques30 may 2026·2 min

Kali365 PhaaS bypasses Microsoft 365 MFA via OAuth device code

FBI warns about Kali365 PhaaS platform stealing Microsoft 365 session tokens by abusing OAuth device code flow to bypass MFA.

Leer artículo
Bug Bounty30 may 2026·2 min

Ruby JSON.generate leaks heap memory via null bytes

Ruby's JSON.generate leaks arbitrary heap memory when null bytes are passed via JSON::State.space.

Leer artículo
Ciberataques28 may 2026·2 min

Megalodon: 5,500 GitHub repos backdoored via Actions workflows

Over 5,500 GitHub repositories backdoored with malicious Actions workflows silently exfiltrating CI/CD secrets, keys, and credentials.

Leer artículo
Bug Bounty28 may 2026·2 min

TaxJar: org owner could hijack any member's account

TaxJar (Stripe) let an org owner overwrite any member's email address, enabling full account takeover.

Leer artículo
Bug Bounty27 may 2026·2 min

Kimwolf DDoS-for-hire botnet operator arrested in Canada

DoJ arrests Canadian operator of Kimwolf, a DDoS-for-hire botnet built as a variant of AISURU.

Leer artículo
Ciberataques26 may 2026·2 min

China's Webworm hits EU govs via Discord and Microsoft Graph

Chinese APT Webworm targets EU governments using Discord and Microsoft Graph API as covert command-and-control channels.

Leer artículo
CVE26 may 2026·2 min

CVE-2026-31635 DirtyDecrypt: public PoC for Linux kernel LPE

Public PoC released for CVE-2026-31635 (DirtyDecrypt), a Linux kernel local privilege escalation flaw discovered by Zellic and V12.

Leer artículo
Ciberataques26 may 2026·2 min

Linux rootkits, router 0-day, AI intrusions: 25 attacks

Attackers exploit trusted tokens, packages, and accounts across 25 incidents reported this week.

Leer artículo
IA26 may 2026·2 min

RAMPART & Clarity: security testing for AI agents

Microsoft open-sources RAMPART and Clarity, two frameworks for security-testing AI agents at development time.

Leer artículo
Bug Bounty26 may 2026·3 min

Repo jacking on bundler.io: open supply chain attack

Repo jacking on bundler.io let an attacker claim Bundler's orphaned GitHub repo and inject malicious code into any Ruby project referencing it.

Leer artículo
Ciberataques26 may 2026·2 min

Megalodon: 5,561 GitHub repos hit with malicious CI/CD workflows

5,718 malicious commits pushed to 5,561 GitHub repos in six hours to steal CI/CD pipeline secrets.

Leer artículo
Previous12Next
BBLabs NewsBBLabs News

BBLabs News

Una historia al día. Cero ruido.

Newsletter técnica de ciberseguridad. Una historia al día sobre CVEs críticos, brechas, bug bounty e IA. Filtrado por IA, escrito para humanos.

Producto

  • Hemeroteca
  • Ediciones
  • Temas
  • Glosario
  • RSS
  • Atom
  • JSON Feed

Editorial

  • Acerca de
  • Suscribirse
  • Cuenta
  • English

Legal

  • Privacidad
  • Términos
  • Contacto: team@bblabs.es

Conectar

  • YouTube · @0xGorka
  • Instagram · @bblabs.es
  • Discord BBLabs
  • Discord Bug Bounty ES
31 artículos·10 ediciones·Desde 2026·Hecho en España
© 2026 BBLabs News·Por Gorka El Bochi