Cybersecurity researchers have reported that hackers are exploiting a vulnerability in the Veeam Backup & Replication product to deploy ransomware. The criminals first target VPN gateways with weak passwords and no multi-factor authentication, before exploiting the vulnerability to create a local account. This allows them to launch either Fog or Akira ransomware. Veeam has released a patch for this vulnerability, which had a severity score of 9.8.
Critical Claude Code Flaw Silently Bypasses Developer-Configured Security Rules
A high-severity security bypass vulnerability in Anthropic’s Claude Code AI coding agent allows malicious actors to silently evade user-configured deny rules through a simple command-padding
