🧵The General Purpose AI (GPAI) Code of Practice is now available.
It helps providers comply with the EU AI Act, effective August 2, 2025. The next step should be the adoption by EU member states. ↘️
⚠️ Claude Code Hacked to Achieve Full RCE and Hijacked Organization API Keys | Source: https://t.co/BplbvJScaz
Critical vulnerabilities in Anthropic's Claude Code, an AI-powered command-line development tool.
The flaws could allow attackers to achieve Remote Code Execution (RCE) and exfiltrate Anthropic API keys by exploiting project configuration files. Claude Code allows developers to delegate tasks directly from their terminal.
To facilitate team collaboration, it supports project-level configurations through a .claude/settings.json file stored directly in the repository.
Malicious configurations could trigger unintended actions on a developer's machine, effectively turning a passive setup file into an execution vector.
#cybersecuritynews
‼️Cloudflare Zero-Day Vulnerability Enables Any Host Access Bypassing Protections
A critical zero-day vulnerability in Cloudflare’s Web Application Firewall (WAF) allowed attackers to bypass all security rules by sending requests to the /.well-known/acme-challenge/ path.
Discovered by FearsOff, the flaw stemmed from incorrect handling of ACME HTTP-01 certificate validation, where WAF protections were disabled even for invalid tokens.
This enabled direct access to origin servers, exposing sensitive data and making vulnerabilities in Spring/Tomcat, Next.js, and PHP applications exploitable.
The issue affected all Cloudflare-protected hosts globally and was fixed on October 27, 2025, with no confirmed malicious exploitation.
Source: https://t.co/vg6ymNOkz8
⚠️ Update: Check Point says CVE-2025-37164 is being mass-exploited to spread the RondoDox botnet, with 40,000+ attacks on Jan 7.
The activity targeted government, finance, and industrial sectors, prompting same-day KEV inclusion.
🔗 Read → https://t.co/BMzzDW07L8
#Kaspersky researchers discovered preinstalled malware on certain models of tablets running Android – we called it Keenadu.
It's a backdoor in 𝘭𝘪𝘣𝘢𝘯𝘥𝘳𝘰𝘪𝘥_𝘳𝘶𝘯𝘵𝘪𝘮𝘦.𝘴𝘰.
More details are coming soon!
#KasperskyGReAT#Research#Cybersecurity
⚠️ ALERT — A critical RCE flaw (CVSS 9.9) was found in the n8n workflow automation platform.
CVE-2025-68613 lets authenticated users execute arbitrary code, enabling full instance takeover, data access, and system-level actions.
More than 103k exposed instances are observed globally.
🔗 Details → https://t.co/o1aOR1YqIv
🛡️ Admins Can Block External Users in Microsoft Teams From Defender Portal
Source: https://t.co/eCyeaQBgrD
Microsoft is set to enhance the security integration between Microsoft Teams and Microsoft Defender for Office 365 with a new feature rolling out next month.
According to a new notification in the Microsoft 365 Message Center (MC1200058), security administrators will soon be able to manage blocked external users in Teams directly through the Tenant Allow/Block List (TABL) in the Microsoft Defender portal.
The integration empowers security teams to add specific external users or domains to the block list.
#cybersecuritynews
UPDATE !!
🚧 WAFs blocking your payloads? Not anymore.
🚀 NextRce v2.2 is out! Now featuring a specialized UTF-16LE Encoding Engine to bypass WAF signatures while exploiting CVE-2025-55182.
👻 The "Ghost Mode" encodes malicious JSON payloads to evade filters, but the Next.js server decodes and executes them perfectly.
github ; https://t.co/6OXSyNH1dl
#DevTools #python #bugbountytip #bugbountytips #InfoSec #recon #nextjs #React2Shell
8/ From threat hunting to supply-chain audits, DevSecOps hardening, and secrets management, we can help you detect, contain, and prevent these breaches. Contact us 👉 https://t.co/kwKe0xHt6d
🚨 Zapier’s NPM account was compromised.
Several of their packages were tampered with and pushed to the registry — a classic supply-chain attack with modern twists.
7/ But navigating this alone is hard, especially with fast-evolving exfiltration tactics.
This is where cybersecurity experts like Noxalis Lab make a real difference.
🚨 KawaiiGPT – Free WormGPT Variant Leveraging DeepSeek, Gemini, and Kimi-K2 AI Models
Source: https://t.co/9AgtVbOa5b
KawaiiGPT emerges as an accessible, open-source tool that mimics the controversial WormGPT, providing unrestricted AI assistance via jailbroken large language models.
Hosted on GitHub with over 188 stars and 52 forks, it requires no API keys and installs quickly on Linux or Termux environments. Users can deploy KawaiiGPT in minutes by updating packages, installing Python and Git, cloning the repository, and running simple install and launch scripts.
Linux distributions use apt-get commands, while Termux users use pkg equivalents, highlighting its lightweight design for pentesting or casual experimentation.
#cybersecuritynews
🚨 Hackers found a new way to phish — through browser notifications.
A new tool called Matrix Push C2 lets attackers send fake alerts that look like real ones from PayPal, Netflix, or TikTok.
No downloads. No malware file. Just one click — and your data’s theirs.
Learn more ↓ https://t.co/Ceq3JZU2PF
‼️CrowdStrike confirmed they were hit by an insider threat, someone took screenshots on internal systems and shared them with scattered LAPSUS$ hunters.
scattered LAPSUS$ hunters confirmed to us they paid $30K in total to the insider and gained direct access after receiving SSO authentication cookies.
CrowdStrike identified the insider threat quickly and revoked access.
🔒 The Louvre heist shows why legacy systems = hidden risk. Outdated tech and weak passwords aren’t small issues—they’re open doors. Resilience is strategic, not optional. 👉 https://t.co/Rj1Z50LJuy #CyberSecurity#RiskManagement#DigitalTrust