AI
Claude Code Security didn’t kill cybersecurity. It exposed what’s coming next.
Claude Code Security, a new capability built into Claude Code on the web, is now available in a limited research preview. It scans codebases for security vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix security issues that traditional methods often miss.
Last week, Anthropic launched Claude Code Security, and public cyber stocks sold off hard.
CrowdStrike and Cloudflare fell around 8%. Okta and SailPoint both dropped by about 10%. Israel’s JFrog dropped roughly 25% in a day. Even the cybersecurity ETF slid about 5%.
The attack surface is expanding faster than defenses
Three forces are colliding:
- Software is changing at a velocity security teams were never built for.
- Attacks are accelerating, too.
- Security data is exploding across sources, and humans can’t keep up.
Arkanix Stealer pops up as short-lived AI info-stealer experiment
Arkanix was a short-lived project for quick financial gains.
The project included a control panel and a Discord server for communication with users, but the author took them down without notification, just two months after the operation began.
Arkanix offered many of the standard data-stealing features that cybercriminals are used to, along with a modular architecture and anti-analysis features.
Meta Director of AI Safety Allows AI Agent to Accidentally Delete Her Inbox
She asked it to “Check this inbox too and suggest what you would archive or delete, don’t action until I tell you to.” “This has been working well for my toy inbox, but my real inbox was too huge and triggered compaction. During the compaction, it lost my original instruction.”
Sage: Safety for Agents - a lightweight Agent Detection & Response (ADR) layer for AI agents
Sage intercepts tool calls (Bash commands, URL fetches, file writes) via hook systems in Claude Code, Cursor / VS Code, and OpenClaw, and checks them against
URL reputation,
Local heuristics (YAML-based threat definitions for dangerous patterns),
Package supply-chain checks, and
Plugin scanning.
OpenClaw security fears lead Meta, other AI firms to restrict its use
"While cool, it is currently unvetted and high-risk for our environment. Please keep Clawdbot off all company hardware and away from work-linked accounts.”
Apple's building a wearable panopticon and calling it Siri
It's a disc packed with two cameras and three microphones — you clip it to your collar or wear it around your neck, and it watches and listens to the world around you all day long, feeding everything to Siri. The pendant is one of three always-on camera wearables in Apple's pipeline. Smart glasses with dual cameras — high-res for photos and video, plus a computer-vision lens — target 2027. Camera-equipped AirPods could ship as early as this year. All three feed into a revamped Siri chatbot running on Google's AI models, expected in iOS 27.
Vibe Password Generation: Predictable by Design
LLM-generated passwords aren't random, quite the opposite--because LLMs are designed to predict tokens. Despite this, LLM-generated passwords appear in the real world – used by real users, and invisibly chosen by coding agents as part of code development tasks, instead of relying on traditional secure password generation methods.
Clinejection — Compromising Cline's Production Releases just by Prompting an Issue Triager
Cline is an open-source AI coding tool that integrates with developer IDEs such as VSCode and its many forks. Someone published a PoC for a prompt injection in Cline. The vulnerability has now been patched.
Unauthorized npm publish of Cline CLI cline@2.3.0 with modified postinstall script to install openclaw
That PoC was later used to hijack the actual Cline repo and push a malicious npm update that installed OpenClaw everywhere
Politics
Hacking conference Def Con bans three people linked to Epstein
The War Over Prediction Markets Is Just Getting Started
The most popular category by far is sports. Kalshi reported a daily record of over $800 million in trades on Super Bowl Sunday related to the game alone, and over $1.3 billion traded on contracts related to the event altogether.
Trump and his family plan to soon launch their own called Truth Predict. The president’s son Donald Trump Jr. is an adviser to both Kalshi and Polymarket, and his firm 1789 Capital is an investor in the latter. The Trump Media and Technology Group also has a strategic partnership with Crypto.com.
Stepping up for ICE detainees who need winter coats
The Minnesota Star Tribune asked representatives of ICE, the Department of Homeland Security and the White House whether people released from Whipple are offered a safe way home in subzero cold. The White House directed queries to DHS. None of the agencies replied.
Observers say they’ve seen people walk out of the barricaded building with injuries, with children and with tales of being whisked out of state, then returned without their belongings. Recently, Gerdes said, a woman and two children, ages 2 and 6, left Whipple without coats.
VPN Used by US Government Failed to Stop China State-Sponsored Hackers
When companies are bought out by private equity firms, they tend to load the company with debt and lay off large portions of the staff. For Ivanti, this meant firing engineers critical to security. Ivanti's security became so bad that many government agencies abandoned it.
The Trump Administration Is Ending Humanitarian Aid to Seven African Countries
Programs that survived the initial purge precisely because they were judged to be lifesaving are slated for cancellation.
Denmark Is Buying US Missiles to Defend Greenland From the United States — Yes, Really
In January 2026, the U.S. government approved the potential sale of American-made missiles to Denmark to strengthen its defensive capabilities in and around Greenland.
Infosec
Carelessness versus craftsmanship in cryptography
Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs
Nigerian man gets eight years in prison for hacking tax firms
He bought licenses for the Warzone RAT and encryption software known as a crypter to make the malware undetectable by antivirus solutions installed on the victims' devices.
He then sent phishing emails directing recipients to a Dropbox link that, when clicked, silently installed the malware on their systems.
UAE foils terror-linked cyberattacks targeting national infrastructure
Attackers also exploited AI technologies to develop complex offensive tools, a significant advancement in terrorist groups' methods and capabilities.
The DJI Romo robovac had security so poor, this man remotely accessed thousands of them
He reverse engineered DJI’s protocols using Claude Code. He simply extracted his own DJI Romo’s private token, and those servers gave him the data of thousands of other people as well.
|