skip to content

Cyber / Brief — 4 Jul 2026

The geopolitics of frontier AI hardened into a decoupling: Alibaba ordered staff to stop using Anthropic's Claude Code, branding it high-risk software over the hidden tracking code the company had only just agreed to remove, even as Anthropic's own account of its twenty-day export…

The geopolitics of frontier AI hardened into a decoupling: Alibaba ordered staff to stop using Anthropic's Claude Code, branding it high-risk software over the hidden tracking code the company had only just agreed to remove, even as Anthropic's own account of its twenty-day export showdown revealed how an Amazon-flagged jailbreak scare — later disputed by security experts — briefly scrubbed the West's most powerful models from the internet. Beneath the drama, doubts about the AI build-out crept into markets, with the trade splitting Asia into winners and losers and economists questioning Europe's promised "AI dividend" as data centres drew scrutiny for the water and power they consume. Europe answered on the sovereignty front, with a German state moving fifty thousand public workers onto open-source Nextcloud and Brussels conceding that its new biometric border system is buckling under summer traffic. The security undercurrent was a supply-chain one: North Korea-linked actors slipped credential-stealing packages into the npm ecosystem, a newly named crew called Armored Likho was caught running espionage against government agencies and the electric power sector, and analysts traced how an unvetted "shadow AI" tool became the trusted connection that let intruders loot and extort a major cloud platform.

Top Stories


AI & Power

How the world's top AI models were revivedAxios
Why it matters: Inside how Washington's reversal revived the world's top AI models
The fight that scrubbed the world's most powerful AI models from the internet featured personality clashes, industry confusion, and international backlash. Why it matters: Anthropic's models are back online, but the impact of its 20-day showdown with the Trump administration will be long lasting. Behind the scenes: It began when Amazon, Anthropic's partner and investor, sounded an alarm that was later disputed by cybersecurity experts. It warned about a "jailbreaking" issue it found with the AI

More details on Fable 5’s cyber safeguards and our jailbreak frameworkAnthropic News
Why it matters: Anthropic details Fable 5's cyber safeguards and its jailbreak framework

AI Split Asia Into Winners and Losers. The Balance Looks Unsustainable.Technology - WSJ.com
Why it matters: AI is splitting Asia into winners and losers on an unsustainable balance
Cracks are appearing in the artificial-intelligence trade, whiplashing tech-heavy indexes as doubts about the profitability and sustainability of the AI build-out creep in.

AI Data Centers Use Far More Water Than Most Tech Giants ReportTechnology - WSJ.com
Why it matters: AI data centres consume far more water than most tech giants disclose
Water used at the power plants that supply electricity to data centers can be much greater than the water used in the data centers themselves.

Chinese LLMs Broaden the Gap Between Attackers & Defendersdarkreading
Why it matters: Chinese LLMs are widening the gap between attackers and defenders
Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried?

Anthropic wants to develop its own drugsThe Verge
Why it matters: Anthropic moves to develop its own drugs, pushing AI into discovery
At the event "The Briefing: AI for Science" earlier this week, Anthropic announced Claude Science , a new " AI workbench for scientists " that pulls fragmented tools and datasets into one environment, and generates figures and visuals. Anthropic, already dominating the industry with its popular coding tools and powerful AI models, framed the launch around what it says is AI's potential to "dramatically accelerate the pace of scientific discovery and the development of healthcare interventions,"

Allianz's Subran Has Doubts Over Europe's 'AI Dividend'Bloomberg Technology
Why it matters: Allianz's chief economist doubts Europe's promised 'AI dividend'
Ludovic Subran, chief investment officer and chief economist at Allianz, says there isn't enough evidence to say that the AI trade is in "bubble" territory. Speaking to Bloomberg's Caroline Connan at the Aix-en-Provence Economic Forum in France, he also says emerging-market stocks are looking more attractive due to demand for semiconductors, and that Europe might fail to reap the "AI dividend." (Source: Bloomberg)

Google DeepMind Unionization Talks Are Off to a Rocky StartWIRED
Why it matters: Google DeepMind unionisation talks open on rocky ground
During negotiations on Wednesday, employees voiced frustrations with what they consider an unwillingness among executives to engage meaningfully with the prospect of unionization.

A behind-the-scenes look at Midjourney’s medical scanner leaves many questions unansweredThe Verge
Why it matters: Midjourney's medical-scanner demo raises more questions than answers
A scan of an imaging phantom, segmented to validate how cleanly structures separate under controlled conditions. | Image: Midjourney Medical Midjourney has shown more of its futuristic medical scanner . It still hasn't shown much proof it works. The AI startup, best known for generating images, released a behind-the-scenes video of its dunk-tank ultrasound scanner, which it plans to deploy in spas and hopes will transform medicine with cheap, detailed, radiation-free imaging. The nearly 20-minut


EU & Technology

Mecklenburg-Vorpommern expands open source strategy with statewide Nextcloud rolloutTech.eu
Why it matters: A German state goes statewide on Nextcloud in an open-source sovereignty push
Today the German state of Mecklenburg-Vorpommern is embracing open source and rolling out a statewide collaboration platform based on Nextcloud – with the goal of reaching more than 50,000 employees across state and municipal administration in the long term. Mecklenburg-Vorpommern follows the example of other frontrunners such as Schleswig-Holstein, the Austrian Ministry of Economic Affairs and the French Ministry for the Energy Transition, among others. The French Ministry of Education uses Nex

Pytorch: the software layer underpinning Europe's AI ambitionsTech.eu
Why it matters: PyTorch is quietly the software layer underpinning Europe's AI ambitions
Europe has emerged as one of the world's leading centres for open-weight AI, with companies including Mistral, Black Forest Labs and Helsing contributing to a growing ecosystem focused on open models and AI sovereignty. Much of that ecosystem relies on PyTorch, the open source machine learning framework used by the vast majority of organisations training frontier AI models. Earlier this year, I spoke with Mark Collier, Executive Director, PyTorch Foundation, at the PyTorch Paris conference. From

Exclusive: ETCI-backed VC firms split over plan to limit non-European investmentsSifted
Why it matters: EU-backed VCs split over a plan to curb non-European investment

EU appears to find datacenter emissions easier to offset than lobbyistswww.theregister.com - Articles
Why it matters: Brussels finds datacentre emissions easier to offset than its lobbyists
The European Union's proposed environmental rating system for datacenters may be amended in response to lobbying from IT industry heavyweights, making it easier to offset greenhouse gas emissions using clean energy certificates. According to the Financial Times, the European Commission is weakening its original proposals after pressure from datacenter operators and tech giants. The newspaper claims to have seen the revised draft of the regulations, set to be discussed by representatives of membe

Video Games in Europe Face New Restrictions on Age, ‘Loot Boxes’Bloomberg Technology
Why it matters: Europe readies new age and loot-box restrictions on video games
Requiring parental approval for young people to play not only decreases the potential audience for those games, but can also make kids less likely to play in general.

Microsoft Disclosure Provides Rare Glimpse of Tax Haven TacticsNYT > Technology
Why it matters: A rare disclosure exposes Microsoft's tax-haven tactics in Europe
The French headquarters of Microsoft in Issy-les-Moulineaux. France is one of the European countries where Microsoft said it had small profits.

Inside the 30-year EU initiative turning startup placements into patentsSifted
Why it matters: A 30-year EU scheme is turning startup placements into patents

AI bills are baffling the C-suite after shift to usage-based pricingwww.theregister.com - Articles
Why it matters: Usage-based AI pricing is baffling the European C-suite
Nearly a third of corporate leaders report difficulty understanding and controlling operating costs when implementing business AI at scale, according to a survey from KPMG. In recent months, Anthropic, OpenAI, and GitHub have shifted some services away from flat-rate subscriptions toward usage-based billing. "As usage-based pricing models become more common, many organizations are still building the capabilities required to forecast, monitor, and manage AI spending effectively," KPMG said. The s


US & Technology

While you’re watching the World Cup, the feds may be watching youThe Verge
Why it matters: As you watch the World Cup, US federal surveillance may be watching you
It's a big year for America. It's the semiquincentennial, otherwise known as America250, and the United States is cohosting the World Cup . But spectators at these events - and the millions of people who live in the cities hosting them - may not realize that they, too, are being watched. From Kansas City to New York, the US cities hosting the World Cup have been ramping up their surveillance capabilities in the months leading up to the tournament. Security measures are at an all-time high in Was

3 Nuclear Startups Hit a Big Milestone. Why It Matters—and Why It Doesn’tWIRED
Why it matters: Three nuclear startups clear a milestone that may power the AI buildout
The companies’ Fourth of July plans include celebrating new reactor designs coming online. But there’s still a long way to go before they deliver energy at a meaningful scale.

Meta Is Charging a Subscription for Smart Glasses Features. Welcome to the New Era of Consumer TechWIRED
Why it matters: Meta puts smart-glasses features behind a subscription — a new consumer-tech era
You bought the hardware. Now you’ll need to subscribe for “expanded access” to the most advanced features.

Sony Erases Digital Content From Libraries, a Reminder That You Don’t Own What You BuyWIRED
Why it matters: Sony erasing bought content is a reminder you don't own what you buy
In September, some PlayStation customers will no longer be able to access some purchased movies and shows. It underscores the fact that digital purchases are really more like long-term rentals.

Democrats plot subpoena storm over Trump's $2 billion gold rushAxios
Why it matters: Democrats plot a subpoena storm over Trump's crypto gains
Democrats are preparing a hostile audit of President Trump and his inner circle, intent on exposing — and ultimately ending — the most lucrative presidency in American history. Why it matters: Since winning the 2024 election, Trump has operated in a Wild West of his own making — monetizing the office to the tune of billions, while enabling family, friends and donors to cash in along the way. He and the White House have denied any conflicts of interest. Republicans, who spent years investigating

The DEA Plans to Ban Opioid-Like Kratom Compound 7-OHWIRED
Why it matters: DEA moves to ban the opioid-like kratom compound 7-OH
The federal agency says it will temporarily schedule the drug, which has been called “gas station heroin,” as a controlled substance—a boon for MAHA and the mainstream kratom industry.


China & Technology

Alibaba bans staff from using Claude Code over Anthropic spyware concernsTech - South China Morning Post
Why it matters: Alibaba bans staff from using Claude Code over Anthropic spyware concerns
Alibaba Group Holding has banned its employees from using Anthropic’s Claude Code for work, citing security risks related to the US artificial intelligence firm’s previous use of hidden code to track Chinese users – a move that has sparked widespread backlash in recent days. “As Claude Code was recently discovered to carry back-door risks, after comprehensive evaluation, Claude Code has now been added to a list of high-risk software with security vulnerabilities,” Alibaba said on Thursday in an…

China’s ByteDance discovers new scaling law that could sustain AI boomTech - South China Morning Post
Why it matters: ByteDance claims a new scaling law that could keep the AI boom going
Researchers at TikTok parent ByteDance have discovered a new scaling law governing how fast artificial intelligence agents can improve by performing real-world tasks, a finding that could help prolong the AI boom just as traditional development methods hit a wall. In a research paper published on Thursday, ByteDance’s Seed AI team revealed that AI agents – autonomous software that executes tasks on a human’s behalf – can double their learning speed every three months by interacting with…

Alibaba’s Elements Claw AI agent unearths 4 new superconductorsTech - South China Morning Post
Why it matters: Alibaba's DAMO AI agent finds four new superconductors in 28 GPU hours
Alibaba Group Holding’s Damo Academy has unveiled what it calls the industry’s first artificial intelligence agent for discovering superconducting materials, saying that the tool has already found four previously unknown compounds that were later verified in laboratory experiments. Superconducting materials are substances able to conduct electricity without resistance and expel magnetic fields when cooled to low temperatures – a capability breakthrough that could revolutionise power grids,…

Unitree IPO to test valuations as venture capital floods China roboticsTech - South China Morning Post
Why it matters: Unitree's IPO will test valuations as VC floods China robotics
Unitree Robotics has secured approval from China’s securities regulator for a Shanghai initial public offering that is poised to set a valuation benchmark for China’s sizzling embodied AI sector. The nod from the China Securities Regulatory Commission came about a month after the Hangzhou-based company cleared a review by the Shanghai Stock Exchange’s listing committee. Unitree is now finalising its underwriting plan, pricing and share subscriptions for a potential debut as early as late…

China's Domestic AI Compute Revolution Reaches a Tipping PointPandaily - China Tech News, AI & Electric Vehicle Insights
Why it matters: China's domestic AI-compute substitution reaches a tipping point
China's domestic AI compute industry is undergoing a historic transformation as internet giants accelerate their adoption of homegrown chips, according to a detailed analysis by TMTPost. In mid-June, reports emerged that ByteDance is in talks to purchase at least 50,000 AI chips from Tianshu Zhixin primarily for inference tasks, utilizing the Zhikai and Tianai series GPUs. Shortly after, reports indicated that Alibaba is also approaching Tianshu Zhixin as a potential customer. The market respond

China Proposes Expanding E-Commerce Law Scope, Platform RulesBloomberg Technology
Why it matters: China proposes widening its e-commerce law and platform rules
China released draft amendments to its E-Commerce Law that would expand coverage beyond platforms and merchants, and revise rules governing the digital economy.


Defence & National Security

Europeans to fill almost all gaps left by US in NATO defense plans, source saysDefense News
Why it matters: Europeans move to fill almost all the gaps the US is leaving in NATO plans
European NATO allies have largely filled the gaps left by the United States in the alliance’s defense plans, NATO’s top commander said on Thursday, adding the bloc was looking at workarounds to address the remaining shortfalls in a few areas. “In a matter of weeks, European allies have largely filled the gaps left by U.S. reductions to the NATO Force Model,” NATO’s top commander, U.S. Air Force General Alexus Grynkewich, said in information provided to Reuters when asked for comment on the topic

Netherlands adopts software-first strategy for military drones in multimillion-euro Intelic partnershipTech.eu
Why it matters: Netherlands adopts a software-first strategy for military drones
The Dutch Ministry of Defence has signed a strategic partnership worth tens of millions of euros with Dutch defence technology company Intelic to build the software foundation for its future unmanned systems ecosystem, making the Netherlands the first country in the world to formally invest in a Software-First approach to military interoperability. The three-year agreement marks a shift in how defence capabilities are developed. Rather than acquiring platforms first and addressing integration ch

Multibillion-dollar contract secures ‘major step forward’ for GCAP fighter jetDefense News
Why it matters: A multibillion contract pushes the GCAP next-gen fighter forward
ROME — Japan, Italy and the U.K. have handed a £4.6 billion ($6.1 billion) development contract to their national champions building the GCAP jet, days after the U.K. freed up crucial cash to make it happen following a months long hold-up. The three nations said on Friday they had handed the 18-month contract to Edgewing, the industrial consortium grouping firms building the sixth-generation fighter. The announcement came three days after the announcement of the U.K.’s delayed Defence Investment

Civilian infrastructure is now a strategic target. NATO must adapt to protect it.Atlantic Council
Why it matters: NATO told civilian infrastructure is now a strategic target it must defend
Allies must preserve the ability to move, reinforce, sustain, communicate, mobilize, and, if necessary, fight under conditions of disruption. The post Civilian infrastructure is now a strategic target. NATO must adapt to protect it. appeared first on Atlantic Council .

Air Force, Space Force combine multiple AI tools in latest battle management experimentDefenseScoop
Why it matters: Air Force and Space Force fuse multiple AI tools in a battle-management test
The Air Force recently experimented with multiple artificial intelligence tools designed to improve battle management, expanding on and validating the service’s past work to test the technology for future operations. The Department of the Air Force’s Advanced Battle Management System (ABMS) Cross-Functional Team hosted its inaugural Multi-Decision Advantage Sprint for Human-Machine Teaming (MASH) experiment in May. Held in Las Vegas, Nevada, the two-week event was the latest in a series of warga

Royal Navy’s Sea Launch Of Combat-Proven Nyan Kamikaze Drone Points To Fleet’s ‘Hybrid’ FutureTWZ
Why it matters: Royal Navy's sea-launched kamikaze drone points to a hybrid fleet
The U.K. Royal Navy has launched a kamikaze drone, the Nyan one-way effector, from a ship at sea, marking a significant step toward the U.K.’s ambition of a so-called ‘hybrid’ naval force. This is just one element of a much broader push toward increased reliance on uncrewed platforms, something that was underscored in the long-awaited Defense Investment Plan , unveiled earlier this week . During recent trials off the south coast of England, the Nyan one-way effector drone was launched from the e


Digital Sovereignty & Identity

Von der Leyen admits ‘technical problems’ with new EU airport border checksPolicy – POLITICO
Why it matters: Von der Leyen concedes technical faults in the EU's new biometric border checks
The EU’s new digital Entry/Exit System is experiencing “technical problems,” European Commission President Ursula von der Leyen acknowledged on Friday. “We are working with the member states [so] that the technical problems are being solved,” von der Leyen said at a press conference in Cork, Ireland. The EES has been a subject of concern since its gradual rollout last year, but the problems have become more acute as air traffic picks up during Europe’s peak summer travel season. Airports and air

Wallet interoperability takes shape as Google’s influence growsBiometric Update
Why it matters: Wallet interoperability takes shape — as Google's influence grows
A wave of new partnerships between major tech players is accelerating a multi-wallet digital identity ecosystem, even as critics warn it pushes Europe into a dependency on Google and Apple. Signicat, TrustTech build reusable identity through private wallets Signicat has announced a partnership with TrustTech , a digital trust infrastructure company specializing in identity verification, reusable compliance checks and trusted signatures. A release says the partnership aims to help regulated busin

Christine Lagarde: Interview with Les ÉchosECB - European Central Bank
Why it matters: Lagarde signals the ECB's next moves as the digital-euro debate sharpens

Study finds governance, not technology, is blocking digital ID interoperabilityBiometric Update
Why it matters: Governance, not technology, is what blocks digital-ID interoperability
An academic study has delved into the interoperability paradox currently hampering some of the most technically mature digital identity systems around the world, finding that such failure is due to institutional governance problems, and not technical standards or compliance deficit issues. Co-authored by Shah Mahmood and Carsten Maple of the University of Warwick and Mark Hooper of the Alan Turing Institute, the study looked into the digital ID systems of Brazil, Nigeria and the Philippines, whi

Visa expands payment passkeys, from issuer rollout to AI agent commerceBiometric Update
Why it matters: Visa extends payment passkeys toward AI-agent commerce
Visa is expanding the use of payment passkeys across digital commerce with an issuer infrastructure in Asia Pacific, an online checkout in India, and agentic payments in Europe. Thales has become the first technology partner in the APAC region to join the Visa Digitalization Ready Program (VDRP) to help banks and card issuers deploy next-generation digital payment services more quickly. The rollout will focus on Click to Pay and payment passkeys , with Thales supporting the implementation throug

Biometrics to anchor 175 billion digital ID checks by 2030 as Gen AI makes doc forgery easyIdentity Week
Why it matters: Biometrics to anchor 175bn ID checks by 2030 as GenAI eases forgery
As Generative AI lowers the barrier for highly sophisticated fraud, the global digital identity landscape is undergoing a massive paradigm shift. Total digital identity verification checks are projected to soar to 175 billion globally by 2030, with biometric verification emerging as the market’s fastest-growing modality, according to a new study by global tech strategists Juniper Research. The report, Digital Identity Verification Market 2026-2030 , reveals that biometric verifications, such as


Threat Intelligence (CTI)

[P2] North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer SecretsThe Hacker News
Why it matters: North Korea-linked npm packages mimic Rollup polyfills to steal developer secrets
JFrog links North Korea-tied actors to malicious npm packages ('rollup-packages-polyfill-core' and a sibling) that impersonate legitimate Rollup polyfill tooling to gain remote access and steal developer secrets.
severity high · EU: NIS2 · actor North Korea-linked actor (60%)

[P1] Armored Likho Targets Government Agencies, Power Sector with BusySnake StealerThe Hacker News
Why it matters: Armored Likho hits government agencies and the power sector with BusySnake stealer
Kaspersky attributes a newly documented actor, Armored Likho, to espionage and financially motivated attacks on government agencies and the electric power sector across Russia, Brazil and Kazakhstan, using the BusySnake stealer.
severity high · exploited in the wild · EU: NIS2, CER Directive · actor Armored Likho (55%), escalation

[P3] Qilin Dominates Ransomware Market Amid Growing Cybercrime ConsolidationInfosecurity Magazine
Why it matters: Qilin dominates the ransomware market amid cybercrime consolidation
Researchers report the ransomware market is reconsolidating around big operators, with Qilin now the leading ransomware-as-a-service brand.
severity medium · EU: NIS2 · actor Qilin (50%)

[P2] Warning Over “Industrialized” Cyber-Attacks After Ransomware Gang Partners With TeamPCPInfosecurity Magazine
Why it matters: Warning of industrialised attacks as a ransomware gang partners with TeamPCP
Researchers and the FBI warn that a ransomware gang's partnership with TeamPCP could enable 'industrialised', unprecedented-scale attacks.
severity high · EU: NIS2

[P2] New Avalon Malware Framework Packs CrownX Ransomware CapabilitiesThe Hacker News
Why it matters: New Avalon malware framework ships CrownX ransomware capabilities
Researchers detail Avalon, a previously undocumented modular malware framework delivered by multi-stage phishing that bundles credential theft, lateral movement, remote access, recovery disruption and CrownX ransomware.
severity high · EU: NIS2


Quantum & Cryptography

Wultra Raises 6.8 Million Euros for Post-Quantum Digital IdentityID Tech
Why it matters: Wultra raises EUR6.8M for post-quantum digital identity
Wultra, a Prague-based provider of post-quantum authentication and digital identity software for banks and fintechs, has raised 6.8 million euros in a Series A round to expand its tools for […] The post Wultra Raises 6.8 Million Euros for Post-Quantum Digital Identity appeared first on ID Tech .

Why crypto-agility requires real governancePQShield
Why it matters: Crypto-agility needs real governance, not just new algorithms
Eric Amador believes that organizations must look beyond simple algorithm replacements to survive the coming quantum threat. Many security teams view post-quantum migration as a routine IT patch, but the reality demands a complete structural overhaul. Recent announcements from Google regarding advancements in breaking elliptic curve cryptography highlight that historical timelines are likely to move faster than expected. Therefore, security professionals cannot afford to wait for a perfect timel

NSA unveils QuantumEAGLe initiativeIntelligence Community News
Why it matters: NSA unveils its QuantumEAGLe initiative
On June 30, the Laboratory for Physical Sciences (LPS) at the National Security Agency (NSA), in close collaboration with the U.S. Army Combat Capabilities Development Command (DEVCOM) Army Research Office (ARO), announces the launch of the Quantum Ecosystem Advancement, Growth & Leadership (QuantumEAGLe) initiative in support of the President’s Quantum Executive Order. This new program aims to accelerate the U.S. quantum computing ecosystem and strengthen the nation’s leadership in quantum tech


Cybersecurity & Threats

[P2] New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits AndroidThe Hacker News
Why it matters: 'Bad Epoll' Linux kernel flaw lets unprivileged users gain root, hits Android
Bad Epoll (CVE-2026-46242) is a Linux kernel epoll flaw letting an unprivileged local user escalate to root across desktops, servers and Android; a fix is available.
severity high · CVE-2026-46242 · EU: NIS2

[P2] Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded DevicesThe Hacker News
Why it matters: Unpatched flaws in a filesystem bundled into millions of embedded devices
runZero disclosed seven vulnerabilities in FatFs, a FAT/exFAT library embedded in the firmware of cameras, drones, industrial controllers and hardware wallets, many devices unpatched.
severity high · EU: NIS2, CRA (Cyber Resilience Act)

[P2] AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient datawww.theregister.com - Articles
Why it matters: AdaptHealth says attackers talked their way into cloud systems and took patient data
AdaptHealth told the SEC that attackers used social engineering against a third-party contractor to reach patient-management, document and EHR portal systems and steal patient data including billing credentials.
severity high · exploited in the wild · EU: GDPR, NIS2 (health)

[P2] The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel IncidentSecurity Affairs
Why it matters: Anatomy of a shadow-AI supply-chain breach — lessons from the Vercel incident
A retrospective on Vercel's April 2026 breach shows an unvetted 'shadow AI' tool became a trusted corporate connection attackers rode in to steal data and extort $2M.
severity high · exploited in the wild · EU: NIS2, AI Act (governance)

[P2] Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code ExecutionSecurityWeek
Why it matters: Critical Cursor AI code-editor flaws could yield OS-level remote code execution
The DuneSlide flaws in the Cursor AI code editor enable zero-click prompt-injection that escapes the sandbox and runs arbitrary code on the host OS.
severity high · EU: NIS2

[P3] PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login PasswordsThe Hacker News
Why it matters: PamStealer targets macOS via fake Maccy sites and PAM checks
PamStealer, flagged by Jamf Threat Labs, is a macOS stealer shipped as a compiled AppleScript impersonating the Maccy clipboard app to siphon login passwords and data.
severity medium · exploited in the wild · EU: NIS2, GDPR

tagged