Tech Times

Fake Claude Code Installers on 32 Live Sites Steal Developer API Keys via Google Ads

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.
Morning Overview on MSN

Hackers just hit @antv inside wave 4 of the TeamPCP worm — the same crew that walked off with 3,800 of GitHub’s internal repositories two weeks ago

Sometime in late May 2026, a poisoned update slipped into the @antv family of JavaScript visualization libraries, the ...
The Hacker News

Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT

Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver a remote access trojan (RAT) named ...

Home Assistant: Smartphone apps allow takeover by attackers

The companion apps for Android and iOS create a security vulnerability in Home Assistant. Attackers could take over instances.
InfoQ

Google Workspace CLI: Unified Command-Line Tool Built for Humans and AI Agents

Google has released a new CLI for Google Workspace, offering a unified interface for various services like Drive, Gmail, and ...
The Hacker News

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...