The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

エクスプロイトキット「Coruna」の概要

CorunaはiOS 13.0(2019年9月リリース)からiOS 17.2.1(2023年12月リリース)までを標的とする。被害者が悪意のあるWebサイトにアクセスすると、暗号資産ウォレットなどの機密情報を窃取されるという。
Cybernews

AI assistant runs hacker’s commands just from opening a project: critical vulnerability ...

Claude Code would execute hidden code from untrusted projects before any user confirmation, Check Point reports.
Security Boulevard

Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, ...
SecurityWeek

VMware Aria Operations Vulnerability Could Allow Remote Code Execution

Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws.

Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks.