‼️ BREAKING: Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users. It then sends information regarding every user by injecting it into their prompt message.
Claude Code is sending info like timezone, proxy and possible AI Lab connections into the system prompt in ways Chinese users can't notice.
A coding agent with repo and command permissions should not silently hide routing metadata inside prompts. This is a serious breach of user trust.
🚨 FortiBleed – 70,000+ Fortinet Firewalls Compromised in Massive Exploitation Attack
Source: https://t.co/lVtJOueGaF
An exhaustive cyber espionage campaign now dubbed "FortiBleed" has silently compromised over 73,932 unique Fortinet firewall URLs across 194 countries.
Threat actors executed an estimated 1.16 billion credential-based attempts against over 320,000 FortiGate targets, while simultaneously launching an additional 2.1 billion brute-force attempts against more than 160,000 MSSQL servers, resulting in 21,632 unique compromised domains.
This campaign is attributed to a multi-operator, Russian-speaking cybercriminal group whose methodology goes well beyond simple credential stuffing.
#cybersecuritynews
The feature reduces the possibility of data exfiltration by slashing external capabilities, but OpenAI oddly tells enterprise CISOs ‘prompt injection is not currently a major risk.’ https://t.co/jNv4P186yQ
In 2025, the cost of #cybercrime is estimated to have reached $10.5 trillion and is expected to increase to $12.2 trillion by 2031, according to Cybersecurity Ventures @CybersecuritySF. https://t.co/rlYGeVPbM6
🇲🇽 Mexico's "Programas para el Bienestar" has allegedly been listed on a cybercrime forum.
* Threat actor claims to possess data associated with the Mexican social welfare program
* Forum post advertises the dataset under the name "BIENESTAR-LEAK"
* Initial listing suggests the data may be linked to beneficiaries and government program records
Analyst Note:
Government welfare databases are particularly sensitive because they often contain identity, financial, demographic, and social assistance information. If the claims are verified, affected individuals could face identity theft, fraud, and targeted social engineering campaigns, while the exposure could also create broader national privacy concerns.
#DDW #Intelligence #DarkWeb #Mexico