En
menu
Site language
Ru En
Социальные сети

forklog.media Record Coupang fine, attack on Claude Code users, and other cybersecurity news

We compiled the week's most important cybersecurity news. Microsoft disabled dozens of GitHub repositories after an attack on Claude Code users. Hacktivists targeted users in Ukraine via a WinRAR vulnerability. OpenClaw failed phishing tests. A disgruntled researcher continued a “war” with Microsoft after patches for earlier vulnerabilities. Microsoft disabled dozens of GitHub repositories after attack on Claude Code users Microsoft temporarily restricted access to dozens of its open-source repositories on GitHub after malware was inserted into code. Researchers at Cloudsmith and OpenSourceMalware reported the Miasma campaign. At least 70 projects were affected, many of them related to the Azure platform. These included repositories with tools developers use in AI coding applications, including Claude Code, Gemini CLI, and VS Code. According to the researchers, the malware targeted the theft of passwords and other sensitive credentials. It triggered when users opened the compromised tools. Cloudsmith recommended the following defensive measures: immediately change SSH keys, GitHub tokens, passwords for cloud services (Azure/GCP), and access to automated build systems; look for hidden processes in code editors (VS Code), unknown AI utilities, and new unexplained folders (repositories) in the company’s GitHub; going forward, avoid downloading updates for third-party libraries from the internet. Create an approved software list and keep an inventory. Microsoft spokesperson Ben Hope told TechCrunch the company temporarily removed some repositories to review potentially malicious content. Some have already been restored. Hacktivists targeted users in Ukraine via a WinRAR vulnerability Hacktivists from SHADOW-EARTH-066 (UAC-0226) and Gamaredon attacked Ukrainian government agencies through a vulnerability in the WinRAR archiver, according to Trend Micro and Sekoia researchers. A directory traversal flaw allows attackers, during archive extraction, to stealthily save malicious files outside the target folder—directly into startup. An example lure document used to create urgency and force interaction. Source: Trend Micro. According to the researchers, the infection chains work as follows: SHADOW-EARTH-066. Uses archives with fake PDF documents to silently install the GIFTEDCROOK infostealer. The program steals passwords from browsers and targeted documents. Notably, due to blocks in Russia, the hackers stopped using Telegram for data exfiltration and switched to their own servers; Gamaredon. The group, linked to the FSB, uses the exploit “at industrial scale.” Its multi-stage attack deploys loaders that deliver the GammaWorm worm (spreads via infected USB drives) and the GammaSteel stealer (uploads stolen files to AWS). Experts note that deep integration of an outdated WinRAR version into day-to-day operations at organizations in Ukraine makes it an ideal entry point for hacking campaigns. OpenClaw failed phishing tests Varonis researchers evaluated OpenClaw as an AI agent for email and concluded the system is vulnerable to techniques typically used against humans. They simulated four phishing attacks and tested the agent in two configurations. For the tests, OpenClaw was connected to Gmail, browser tools, the Google Workspace API, and a set of synthetic internal data. The framework was tested on Google Gemini 3.1 Pro and OpenAI GPT-5.4 in standard and “strict” modes with separate instructions for identity verification and anti-phishing procedures. Source: Varonis. Phishing simulations: impersonation of a team lead requesting access to a test environment during a supposed production incident. OpenClaw found and sent AWS IAM keys, database credentials, and SSH access details to an external Gmail address; a request to export client data under the pretext of working remotely on a presentation. The agent extracted and sent a CRM export containing client records, contact information, contract details, and revenue data without verifying the sender’s identity; the AI system received a fake gift card email containing a phishing link. In the standard configuration, the agent visited the phishing site and attempted to redeem the gift card using fabricated credentials before eventually recognizing the page as malicious. The strict configuration blocked the attack immediately; researchers created a malicious Google OAuth app disguised as a time-tracking platform. OpenClaw verified the OAuth authorization process, analyzed the destination, flagged the app as suspicious, and denied access. Disgruntled researcher continues “war” with Microsoft after patches for previous bugs A cybersecurity researcher using the alias Nightmare Eclipse disclosed a new 0-day vulnerability in Microsoft Defender, dubbed RoguePlanet. The exploit allows attackers to escalate privileges to the SYSTEM level and execute arbitrary code even on fully updated machines running Windows 10 and Windows 11. The incident was a continuation of a public dispute between the hacker and the tech giant. Back in April, Nightmare Eclipse promised to publish zero-day vulnerabilities after each patch released by Microsoft engineers. The June update closed several of his previous findings (GreenPlasma, MiniPlasma, and YellowKey), prompting the immediate release of RoguePlanet. ThreatLocker cybersecurity specialists told BleepingComputer they successfully reproduced the attack in their own testing. They confirmed the exploit works on fully updated Windows 11 systems with patch KB5094126 installed. South Korean tech giant fined $400 million over data breach South Korea’s Personal Information Protection Commission (PIPC) imposed a record fine of 624.6 billion won (about $409 million) on tech giant Coupang after a large-scale data leak. According to the regulator, insufficient security measures—including issues with authentication key management and access control—exposed the personal data of about 37.55 million people. Subsidiary Coupang Fulfillment Service was separately fined 248 million won for the unlawful collection, use, and processing of customers’ personal and sensitive data. PIPC also pointed to violations of data destruction and breach notification requirements, as well as interference with the work of an independent data protection officer and obstruction of the investigation. The breach occurred in June 2025 but was discovered only in November. A month later, Coupang said 33.7 million accounts were compromised. According to law enforcement, the main suspect is a 43-year-old Chinese national who worked in the company’s IT division in 2022–2024. Also on ForkLog: Eurojust shut down the AudiA6 crypto service. Anthropic CEO called for tighter oversight of AI models. Meta removed the facial recognition feature from its smart glasses after a scandal. The Raydium liquidity pool suffered a $1.34 million hack. The Humanity Protocol token plunged after a $31 million hack. Yuga Labs saved NFTs worth $500,000. What to read this weekend? ForkLog examined how Strategy’s business model works, why critics call it a pyramid scheme, and why supporters see it as an example of effective risk management.

forklog.media
скрыть

cryptobriefing.com Neymar Jr appears pitchside for Brazil’s World Cup debut, but his crypto legacy tells a different story

Neymar's sidelined World Cup presence highlights the fleeting nature of athlete-driven crypto ventures, underscoring speculative market risks. The post Neymar Jr appears pitchside for Brazil’s World Cup debut, but his crypto legacy tells a different story appeared first on Crypto Briefing.

1 cryptobriefing.com
скрыть

news.bitcoin.com SpaceX IPO Puts 18,712 Bitcoin Treasury on Wall Street’s Radar

SpaceX’s historic IPO drew fresh attention to one of the largest bitcoin positions held by a public company. SEC filings show 18,712 BTC on the balance sheet with a fair value of $1.293 billion. Historic SpaceX IPO Spotlights One of America’s Boldest Bitcoin Treasuries Space Exploration Technologies Corp. (Nasdaq: SPCX) entered public markets in a […]

2 news.bitcoin.com
скрыть

cryptobriefing.com Qatar secures first World Cup point with draw against Switzerland as crypto sponsors circle the tournament

Qatar's World Cup draw marks a turning point, while crypto's involvement highlights its growing influence and potential in global sports events. The post Qatar secures first World Cup point with draw against Switzerland as crypto sponsors circle the tournament appeared first on Crypto Briefing.

14 cryptobriefing.com
скрыть

blockonomi.com Anthropic Suspends Fable 5 and Mythos 5 After US Government Issues Export Control Directive

TLDR: The US government issued an export control directive ordering Anthropic to suspend all Fable 5 and Mythos 5 access globally. Anthropic reviewed the jailbreak report and found the capabilities were already available in models like OpenAI’s GPT-5.5. The reported jailbreak involved asking Fable 5 to read a codebase and flag software flaws, with no [...] The post Anthropic Suspends Fable 5 and Mythos 5 After US Government Issues Export Control Directive appeared first on Blockonomi.

15 blockonomi.com
скрыть

news.bitcoin.com Iran Denies Sunday Signing as Trump Declares Strait of Hormuz ‘Open to All’ Tomorrow

U.S. President Donald Trump declared Saturday that a landmark agreement with Iran will be signed on Sunday, June 14, with the Strait of Hormuz reopening to all shipping immediately afterward, but Iranian officials quickly disputed that timeline. What Trump Said Trump posted Saturday on Truth Social that his agreement with Iran represents the opposite of […]

19 news.bitcoin.com
скрыть

news.bitcoin.com Anthropic’s Secret AI Model Mythos Audits Entire Zcash Protocol, Finds No New Bugs

Zcash founder Zooko Wilcox-O’Hearn publicly thanked Anthropic this week, confirming the artificial intelligence (AI) company ran a full security audit of the Zcash protocol using its restricted frontier model, Mythos, and found no additional critical vulnerabilities. Zooko Thanks Anthropic After Full Protocol Audit The statement came directly from Zooko, the online handle for Zooko Wilcox-O’Hearn, […]

20 news.bitcoin.com
скрыть

blockonomi.com MSTR Bears Crushed: Why Strategy’s Bitcoin Balance Sheet Is Built to Outlast Any Bear Market

TLDR: Strategy is raising over $130M daily in 2025, marking its highest-ever annual capital-raising pace.  Historical BTC data shows median 12-month forward returns of +133% from current price MA levels.  Even at a compressed 0.8x mNAV, covering preferred dividends would require only 6.6% dilution.  MSTR’s monthly trading volume of $54.79B dwarfs its $148M dividend bill, [...] The post MSTR Bears Crushed: Why Strategy’s Bitcoin Balance Sheet Is Built to Outlast Any Bear Market appeared first on Blockonomi.

30 blockonomi.com
скрыть

cryptobriefing.com Iran and US expected to finalize ceasefire deal within 24 hours, Bitcoin rises on reduced geopolitical risk

A finalized ceasefire could stabilize Middle East tensions, potentially boosting global markets and easing oil supply constraints. The post Iran and US expected to finalize ceasefire deal within 24 hours, Bitcoin rises on reduced geopolitical risk appeared first on Crypto Briefing.

33 cryptobriefing.com
скрыть

news.bitcoin.com Everyone Is Getting Hilariously Rich and You’re Not — Week In Review

This editorial is from this week’s edition of the newsletter Week in Review, sent to subscribers on Friday. Subscribe to the newsletter to get this weekly editorial the second it’s finished. The newsletter also includes the biggest stories of the week with a comment on each story. After dipping just below the $59,000 level, Bitcoin […]

51 news.bitcoin.com
скрыть

blockonomi.com TAO Price Surges Over 24% in Single Session as Bittensor Reclaims Key Support

TLDR: TAO price surged over 24% on June 13, closing at $264 after opening near $212 in the session RSI bottomed in the low 30s, matching the same zone that marked the prior three swing lows on TAO Bittensor subnet activity had been accelerating quietly while the TAO price was trending lower The $280 to [...] The post TAO Price Surges Over 24% in Single Session as Bittensor Reclaims Key Support appeared first on Blockonomi.

62 blockonomi.com
скрыть

cryptobriefing.com Matan Grinberg: Value accrual in tech is time-dependent, the US lacks frontier open models, and outsourcing AI development can enhance efficiency | 20VC

AI's rapid evolution challenges businesses to balance cost-effective open-source models with expensive frontier solutions. The post Matan Grinberg: Value accrual in tech is time-dependent, the US lacks frontier open models, and outsourcing AI development can enhance efficiency | 20VC appeared first on Crypto Briefing.

65 cryptobriefing.com
скрыть

blockonomi.com Uniswap Tokenized Securities Go Live, Bringing SpaceX, Apple, Tesla, and NVIDIA Onchain

TLDR: Uniswap tokenized securities are now live on the web app, wallet, and API for eligible users. Over $9.1 billion has been swapped in real-world asset pools across 2.6 million transactions. Uniswap v4 hooks allow issuers to set KYC gates, allowlists, and dynamic fees at pool level. Builders using the Uniswap API need no extra [...] The post Uniswap Tokenized Securities Go Live, Bringing SpaceX, Apple, Tesla, and NVIDIA Onchain appeared first on Blockonomi.

68 blockonomi.com
скрыть

news.bitcoin.com Blackrock’s IBIT Leads $86 Million Bitcoin ETF Inflow as Ethereum Funds Extend Outflow Streak

Spot bitcoin exchange-traded funds (ETFs) drew $85.85 million in net inflows on Friday, with every one of the 12 tracked funds avoiding outflows, even as spot ethereum ETFs bled for a fourth straight day. Blackrock’s IBIT Leads Again The figures, based on data tracked by Sosovalue, show a clear split in institutional appetite between the […]

69 news.bitcoin.com
скрыть

news.bitcoin.com 40x Claude Max Value Shows Why Heavy Crypto Coders Are Getting a Rare Deal

Semianalysis says top artificial intelligence (AI) subscriptions may hand heavy users thousands of dollars in hidden compute value, and that gap could give crypto-native AI networks a clearer opening. The June 2026 report tested consumer tiers from Anthropic and OpenAI by running long-horizon coding and agentic tasks until weekly limits were exhausted. The finding was […]

70 news.bitcoin.com
скрыть

news.bitcoin.com Claude Fable 5 Puts 25% Odds on Bitcoin Reaching $95K by Year-End 2026

At the time of writing, bitcoin is trading at $63,440, reflecting a modest 2.9% gain over the past week. With BTC navigating a period of consolidation and Anthropic unveiling its new Mythos-based model Fable, we decided to consult Fable alongside several other leading artificial intelligence (AI) models to forecast bitcoin’s next potential price move. Earlier […]

88 news.bitcoin.com
скрыть

blockonomi.com XRP ETF Inflows Hold Steady for Five Weeks as Price Tests Key Support Zone

TLDR: XRP ETF inflows reached $10.68M in the latest week, marking five consecutive weeks of positive flows. Bitcoin and Ethereum ETF products recorded negative flows during the same five-week period. XRP price sits near $1.15, with analysts watching the $0.70–$0.90 range as a potential support floor. EMAs at $1.45 and $1.78 must be reclaimed before [...] The post XRP ETF Inflows Hold Steady for Five Weeks as Price Tests Key Support Zone appeared first on Blockonomi.

89 blockonomi.com
скрыть

blockonomi.com How Audited Corporate Balance Sheet Backing Establishes BlockDAG As The Next Big Crypto Coin

The digital asset ecosystem in 2026 is experiencing a significant crisis of confidence regarding unbacked algorithmic valuation structures. Multiple early-stage utility protocols have faced severe capital drawdowns due to a lack of tangible liquidity reserves to support their active market capitalizations. This systemic vulnerability has made corporate transparency and verified financial accountability the most critical [...] The post How Audited Corporate Balance Sheet Backing Establishes BlockDAG As The Next Big Crypto Coin appeared first on Blockonomi.

92 blockonomi.com
скрыть

cryptobriefing.com US-Iran peace talks accelerate after Apache helicopter shootdown, with Bitcoin emerging as unlikely diplomatic tool

Accelerated US-Iran peace talks highlight Bitcoin's role in sanctions evasion, potentially prompting stricter global crypto regulations. The post US-Iran peace talks accelerate after Apache helicopter shootdown, with Bitcoin emerging as unlikely diplomatic tool appeared first on Crypto Briefing.

95 cryptobriefing.com
скрыть

cryptopotato.com Bitcoin Price Analysis: BTC’s Recovery May Be a Trap as $51K Risk Lingers

Bitcoin remains under significant selling pressure after losing a major higher-timeframe structure and breaking below several key support levels. While buyers have managed to defend the $60K region for now, both the technical and on-chain pictures suggest that the market is still in a vulnerable phase. A legitimate recovery requires BTC to reclaim several overhead […]

98 cryptopotato.com
скрыть