Claude Code v2.1.196 modifies the default system prompt to silently encode and upload information about whether you are located in China to Anthropic.
We're live at @BlackHatEvents Asia!
Solve our hacking challenge to win exclusive swag: https://t.co/QnMQHuG6rA
→ At least 4 challenges: 1 wheel spin
→ At least 8 challenges: 2 wheel spins
→ All 12 challenges: 3 wheel spins
💡 The challenge is fully accessible online, but rewards can only be redeemed at our booth. To participate, simply log in to your YesWeHack account to submit your payload.
⚠️A critical vulnerability (GHSA-vjh7-7g9h-fjfh) has been discovered in the widely-used elliptic encryption library.
😈Attackers can exploit this flaw by crafting specific inputs to extract private keys with just a single signature, potentially compromising digital assets or identity credentials.
✍️In our latest article, we break down the vulnerability—its root cause, impact, and how to mitigate the risks.
❤️Special thanks to @Rabby_io for providing the vulnerability intelligence.
🔗Read the full analysis here:
https://t.co/5IVZpjuCr6
Found 3 XSS vulnerabilities in @solid_js, with 2 of them having CVEs and 1 no fix. Thanks to the team for fixing the bugs swiftly!
CVE-2025-27108, CVE-2025-27109
https://t.co/zGMcRirWhc
BREAKING: Someone just burnt 500 ETH (~$1,400,000) by sending it to 0x000... and wrote the following message 👇
"The bosses of Kuande Investment: Feng Xin and Xu Yuzhi used brain-computer weapons to persecute all company employees and former employees, and even they themselves were controlled."
(h/t @sassal0x)
Hello @msftsecresponse, is there any legitimate process inside MSRC to escalate an issue if I believe it's not assessed properly and fairly by the current engineering team?