Latest news

Klue Supply Chain Hack Exposes Salesforce Data at Nine Cybersecurity Companies
Databreach

Klue Supply Chain Hack Exposes Salesforce Data at Nine Cybersecurity Companies

23 June 2026 dark6

A supply chain attack on market intelligence platform Klue has compromised Salesforce CRM data across at least nine organizations, including...
Read more 0
Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens — No Patch Coming
Cybercrime

Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens — No Patch Coming

8 June 2026 dark6

Researchers at Mitiga Labs demonstrated a five-step npm supply chain attack that rewrites ~/.claude.json to redirect Claude Code MCP traffic...
Read more 0
1-Click GitHub Token Theft: VSCode Webview Flaw Exposes OAuth Tokens for All Private Repositories
Vulnerability

1-Click GitHub Token Theft: VSCode Webview Flaw Exposes OAuth Tokens for All Private Repositories

3 June 2026 dark6

A critical VSCode webview vulnerability lets attackers steal GitHub OAuth tokens with a single click, granting full access to all...
Read more 0
Vercel Data Breach: ShinyHunters Exploit OAuth Supply Chain Attack to Steal Customer Credentials for $2M Sale
Databreach

Vercel Data Breach: ShinyHunters Exploit OAuth Supply Chain Attack to Steal Customer Credentials for $2M Sale

7 May 2026 dark6

Vercel has confirmed a security breach originating through a compromised third-party AI tool (Context.ai), where attackers used stolen OAuth tokens...
Read more 0
Vercel Confirms OAuth Supply Chain Breach Linked to Context.ai Compromise; ShinyHunters Claims Responsibility
Databreach

Vercel Confirms OAuth Supply Chain Breach Linked to Context.ai Compromise; ShinyHunters Claims Responsibility

23 April 2026 dark6

Vercel has disclosed an internal breach caused by a compromised Context.ai OAuth token harvested via Lumma Stealer. A limited set...
Read more 0