Latest Interesting Cybersecurity News – 2026-06-04

I go through about 25 cybersecurity news portals and blogs every week and pull out the most interesting stories. Then I turn them into this short, digestible summary, so you can stay up to date without trying to follow 25 different sources yourself. 😱

My aim is to create a summary that gives you the gist without needing to open up the source article. But if you do want to dig deeper, all the sources covering the event are linked below each story.

If you enjoy these, come back next Monday

scroll to the bottom to subscribe to the e-mail newsletter.

1. Some “Leaked” Claude Code repos on GitHub were hiding infostealer malware

After Anthropic accidentally exposed the source code for Claude Code, hackers reposted “leaked” copies on GitHub that contained infostealer malware alongside legitimate mirrors. Anthropic has been issuing copyright takedowns to remove the leak, but the incident shows how quickly high-demand developer tooling can become a malware delivery lure when users are primed to copy/paste install commands.    

Key Details

• Some GitHub repos claiming to host the Claude Code leak were modified to include infostealer malware
• Attackers registered typosquat/internal-looking npm package names (audio-capture-napi, color-diff-napi, image-processor-napi, modifiers-napi, url-handler-napi) under the account “pacifier136,” initially as empty stubs consistent with “reserve-then-poison” supply-chain tactics.
• The exposed npm release was Claude Code version 2.1.88, which users reported contained a source map file enabling access to nearly 2,000 TypeScript files (512,000+ lines); the version is no longer available on npm.

Next Steps

• Warn developers not to run or build from “Claude Code leak” GitHub repos (especially forks claiming to be “fixed” or “compiled”), and treat any such clone-and-run instructions as untrusted software.
• Block and/or alert on the typosquat npm packages audio-capture-napi, color-diff-napi, image-processor-napi, modifiers-napi, and url-handler-napi in your dependency controls and artifact proxy.

Read more at WIRED, BleepingComputer, The Hacker News, CSO Online, BleepingComputer, The Hacker News, CSO Online, BleepingComputer, The Hacker News, CSO Online

2. ImageMagick turns a single image upload into full server compromise on most default Linux configurations

Researchers behind pwn.ai report a multi-step ImageMagick attack chain where crafted uploads are mis-identified and routed into Ghostscript/ImageMagick code paths that enable arbitrary file read/write and, in some setups, RCE. The write primitive can be escalated by combining Ghostscript’s ability to write into /tmp with ImageMagick’s MSL scripting features to move a webshell-like payload into a web-accessible location.

Key Details

• This attack works across most default server configurations — Ubuntu, Debian, RHEL, Amazon Linux, and most Docker images all ship with the vulnerable “open” policy. Even hardened configurations using the “limited” or “secure” policy have known bypasses. 
• The attack starts with uploading a malicious file disguised as a regular image to trigger ImageMagick’s PostScript processing engine.
• ImageMagick routes the file to Ghostscript for processing — the EPT file format used to trigger the exploit is not on any policy blocklist by default.
• The file contains embedded PostScript instructions that tell Ghostscript to write a webshell to /tmp.
• ImageMagick’s own MSL scripting feature then reads the webshell from /tmp and copies it to a web-accessible location, bypassing Ghostscript’s sandbox entirely.
• The attacker now has a publicly accessible URL that executes commands on the server with full remote code execution.

Next Steps

• If PDF uploads from untrusted sources is required, find an alternative way for processing them. As of now, safe PDF processing through ImageMagick and Ghostscript is not possible.
• Check if you’re exposed. You accept file uploads from untrusted sources and use ImageMagick + Ghostscript to processes them. (Examples: Very common on WordPress sites)
• Switch to “secure” policy for ImageMagick, then explicitly add PDF and EPT to the blocklist. 

Read more at pwn.ai

3. Google Drive Cuts Sync to Stop Ransomware Spreading to the Cloud

Google has moved Google Drive’s ransomware detection and file restoration features into general availability, using Drive for desktop to spot ransomware activity on an endpoint and automatically pause sync to prevent encrypted files from propagating into Google Workspace. 

Google says an updated AI model improves coverage and speed, detecting 14× more infections than the September 2025 beta.

Key Details

• The mechanism is driven by Google Drive for desktop detecting ransomware behavior locally and then stopping synchronization as an automated containment step.
• When detections occur, Google Drive sends warning emails to the impacted user and domain administrators, and also raises dedicated alerts in the Admin console security center.
• The new restoration workflow lets users select multiple affected files and bulk-revert to pre-infection versions via a recovery interface.
• Both features are enabled by default and can be managed per Organizational Unit in the Google Workspace Admin console.

Next Steps

• Confirm ransomware detection is enabled for the relevant Organizational Units in the Google Workspace Admin console (Drive and Docs settings) and aligns with your licensing tier.
• Set min-release-age (or equivalent) in your global package manager (npm, yarn, bun, pnpm) config to delay installing newly published versions.

Read more at Cybersecurity News

4. macOS Tahoe 26.4 adds a Terminal paste warning to slow ClickFix-style “copy/paste” command attacks

Apple added a new macOS Tahoe 26.4 Terminal protection that delays execution and warns users when they paste potentially risky commands. The feature targets ClickFix-style social engineering, where attackers convince users to paste commands themselves—sidestepping many traditional security prompts because the action is user-initiated.

Key Details

• Apple did not document the new mechanism in the macOS Tahoe 26.4 release notes, and users first reported it in the 26.4 release candidate.
• The warning message states no damage has been done because execution was halted and notes that scammers often distribute malicious instructions via multiple channels.
• Based on user reports, the alert is triggered when commands are copied from Safari and pasted into Terminal.
• One tester reported the warning may be shown only once per session, with subsequent pastes (including dangerous examples) not prompting again.
• Another user observed the system may perform some form of command risk analysis, as innocuous commands did not trigger the warning.

Next Steps

• Update Macs to macOS Tahoe 26.4 where feasible to gain the Terminal paste warning behavior.

Read more at BleepingComputer

5. Compromised Axios npm releases pulled in a hidden dependency that installed a cross-platform RAT

Attackers hijacked an Axios maintainer’s npm account and published compromised Axios versions that silently installed a cross-platform RAT via a hidden dependency and postinstall script.
Axios is one of the most downloaded open-source libraries on the internet — it's a JavaScript HTTP client used to make API requests from both browsers and Node.js servers. With roughly 60 million weekly downloads on npm

Key Details

• The trojanized releases were axios v1.14.1 and v0.30.4, which added the runtime dependency plain-crypto-js@4.2.1 rather than modifying Axios source code.
• The malicious dependency used an obfuscated Node.js dropper that called out to sfrclak[.]com:8000, disguising requests with npm-like paths (packages.npm[.]org/product0/1/2 depending on OS).
• Delivered payloads were OS-specific but aligned to one framework: Mach-O (macOS), PowerShell-based RAT (Windows), and Python RAT (Linux), all beaconing roughly every 60 seconds and supporting commands including runscript and self-terminate.

Next Steps

• Add a control to reduce recurrence, such as blocking/alerting on npm lifecycle script execution (postinstall) in CI except for explicitly approved packages.
• Immediately identify and remove axios v1.14.1 and v0.30.4 from builds and lockfiles; rebuild/redeploy from known-good dependencies.
• Hunt for installation artifacts and dependency presence, including node_modules/plain-crypto-js and any outbound connections to sfrclak[.]com:8000.

Read more at BleepingComputer, Microsoft Security Blog, The Hacker News, CSO Online, Socket, Unit 42

6. LinkedIn JavaScript fingerprints Chrome users by probing 6,000+ installed browser extensions

Researchers reported that LinkedIn runs a background scan for thousands of Chrome extension IDs every time users visit the site in Chromium-based browsers, then transmits the results back to LinkedIn as tracking telemetry. 

The mechanism uses both direct resource probes (to confirm whether specific extensions are installed) and DOM inspection (to spot extension artifacts), raising concerns about undisclosed browser fingerprinting. 

Key Details

• The hardcoded target list reportedly grew from 5,459 extensions (Dec 2025) to 6,167 (Feb 2026), and includes a specific internal resource path per extension that is expected to be web-accessible.
• Detected IDs are sent as AedEvent and SpectroscopyEvent payloads to https://www.linkedin.com/li/track
• LinkedIn confirmed the scanning but denied harm, calling the report “plain wrong” and trying to discredit it by attributing the claim to a developer whose account was banned for scraping.
• Linkedin framed it as anti-scraping protection — but the scan list includes tools that probably are not scraping anything (grammar tools, pharmacy software, and Amazon schedulers)
• LinkedIn has made no commitments in response, no plans to update to their privacy policy, adding an opt-out mechanism, or plans to stop the scanning.

Read more at browsergate.eu, BleepingComputer, Hackread

7. EvilTokens PhaaS drives 37× surge in Microsoft device-code phishing that bypasses password capture

Researchers report a sharp 37x rise in Microsoft 365 “device code” phishing, where victims are tricked into completing a legitimate Microsoft device-login flow that hands attackers valid access and refresh tokens without stealing the password. 

The newly popular EvilTokens “phishing-as-a-service” kit productizes this technique with BEC-focused features and Telegram-based automation, accelerating adoption across criminal communities.

Key Details

• EvilTokens templates impersonate common business lures (e.g., document signature/viewing, quarantine/security notices, calendar/SharePoint/voicemail themes)
• Victims enter the code on a real microsoft.com login page; the code is tied to the attacker’s pre-registered device
• Attackers obtain OAuth access and refresh tokens (not necessarily raw credentials), allowing persistent access to Outlook, Teams, OneDrive
• The EvilToken kit automatically upgrades stolen refresh tokens to Primary Refresh Tokens (PRTs) — granting silent 90-day SSO access across all Microsoft 365 apps and bypassing MFA with no further victim interaction required

Next Steps

• Create an allowlist of authorized OAuth apps in your tenant
• Disable device code flow in conditional access if not required
• Inventory and audit OAuth integrations and their scopes

Read more at BleepingComputer, CSO Online, Sekoia

Subscribe

Subscribe to receive this weekly cybersecurity news summary to your inbox every Monday.