Anthropic unveils Claude Code Security to detect and fix code bugs
(Pierluigi Paganini – Security Affairs) Anthropic has introduced Claude Code Security, a new AI-powered service designed to scan software codebases for vulnerabilities and recommend fixes. Built into Claude Code, the tool aims to help teams detect and remediate security flaws faster. The capability is currently being rolled out in a limited research preview for Enterprise and Team customers. “Claude Code Security, a new capability built into Claude Code on the web, is now available in a limited research preview. It scans codebases for security vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix security issues that traditional methods often miss.” reads the announcement published by Anthropic. – https://securityaffairs.com/188358/ai/anthropic-unveils-claude-code-security-to-detect-and-fix-code-bugs.html
Shai-Hulud-Like Worm Targets Developers via npm and AI Tools
(Alessandro Mascellino – Infosecurity Magazine) A supply chain worm resembling earlier Shai-Hulud malware has been discovered spreading through malicious npm packages. According to Socket’s Threat Research Team, the campaign, tracked as SANDWORM_MODE, has been identified across at least 19 npm packages published under two aliases, official334 and javaorg. The operation builds on known supply chain tradecraft but adds a notable twist: direct interference with AI coding tools.Researchers said the malware not only stole developer and CI credentials and propagated through compromised npm and GitHub accounts, but also injected rogue MCP servers into local AI assistant configurations and harvested API keys for nine large language model providers. – https://www.infosecurity-magazine.com/news/shai-hulud-like-worm-devs-npm-ai/
Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls
(Kevin Poireault – Infosecurity Magazine) A low-skilled cyber threat actor has been observed leveraging several generative AI (GenAI) tools to deploy a malicious campaign aimed at compromising Fortinet’s FortiGate firewall appliances. In an Amazon Web Services (AWS) Security blog published on February 20, CJ Moses, CISO of Amazon Integrated Security, shared findings about the campaign. Amazon Threat Intelligence assessed that the attacker was a Russian-speaking, financially motivated threat actor with limited technical capabilities. The threat actor used multiple commercial GenAI services to implement and scale well-known attack techniques throughout every phase of their operation. AWS assessed the campaign ran from January 11 to February 18, 2026, and compromised over 600 FortiGate devices across more than 55 countries. Amazon Threat Intelligence noted that AWS infrastructure was not involved in this campaign and that no exploitation of FortiGate vulnerabilities was observed. – https://www.infosecurity-magazine.com/news/russian-threat-actor-genai/
Fraud Investigation Reveals Sophisticated Python Malware
(Alessandro Mascellino – Infosecurity Magazine) A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools. The discovery was made by the Secuinfra Falcon Team after a user reported unusual desktop behaviour and unauthorised PayPal transfers. The case began when the victim noticed “strange black windows” appearing briefly on screen and captured screenshots. Those images showed fragments of a command script that had failed to fully suppress its output, exposing evidence of payload decoding and execution. – https://www.infosecurity-magazine.com/news/fraud-investigation-python-malware/
Leading Semiconductor Supplier Advantest Hit by Ransomware Attack
(Danny Palmer – Infosecurity Magazine) Advantest Corporation, the Japanese technology company and prominent manufacturer of testing equipment for the semiconductor industry, has been hit by a ransomware attack. In a statement released on February 19, the company, which is a supplier to major chip producers including Samsung, said it was “responding to a cybersecurity incident involving ransomware that may have impacted certain systems within its network.”. Headquartered in Tokyo, Advantest employees over 7500 people and has offices in locations around the world, including Munich, Germany and San Jose, California. – https://www.infosecurity-magazine.com/news/advantest-ransomware-attack/
Jackpotting Surge Costs Banks Over $20m, Warns FBI
(Phil Muncaster – Infosecurity Magazine) Nearly two-fifths of ATM jackpotting attacks recorded in the US since 2020 occurred last year, the FBI has warned. A new FBI Flash alert claimed that the 700+ attacks seen in 2025 resulted in losses of over $20m. Typically, threat actors deploy malware such as the Ploutus variant to exploit the eXtensions for Financial Services (XFS) API and give them control over the ATM, the FBI explained. “When a legitimate transaction occurs, the ATM application sends instructions through XFS for bank authorization. If a threat actor can issue their own commands to XFS, they can bypass bank authorization entirely and instruct the ATM to dispense cash on demand,” it said. – https://www.infosecurity-magazine.com/news/jackpotting-surge-costs-banks-20m/
University of Mississippi Medical Center Still Offline After Ransomware Attack
(Phil Muncaster – Infosecurity Magazine) Mississippi’s largest hospital group is still reeling from a ransomware attack late last week that has forced its IT systems offline. The University of Mississippi Medical Center (UMMC) is one of the state’s largest employers, with over 10,000 staff working across seven hospitals, dozens of clinics and over 200 telehealth sites. It revealed in a post on X on February 19 that “many UMMC IT systems are down, including access to our electronic medical records,” due to a cybersecurity attack. “Outpatient and ambulatory surgeries/procedures and imaging appointments are cancelled and will be rescheduled,” it continued. “Hospital services are continuing for our patients using downtime procedures.” – https://www.infosecurity-magazine.com/news/university-mississippi-medical/
Introducing EVMbench. Making smart contracts safer by evaluating AI agents’ ability to detect, patch, and exploit vulnerabilities in blockchain environments
(OpenAI) Smart contracts routinely secure $100B+ in open-source crypto assets. As AI agents improve at reading, writing, and executing code, it becomes increasingly important to measure their capabilities in economically meaningful environments, and to encourage the use of AI systems defensively to audit and strengthen deployed contracts. Together with Paradigm, we’re introducing EVMbench, a benchmark evaluating the ability of AI agents to detect, patch, and exploit high-severity smart contract vulnerabilities. EVMbench draws on 120 curated vulnerabilities from 40 audits, with most sourced from open code audit competitions. EVMbench additionally includes several vulnerability scenarios drawn from the security auditing process for the Tempo(opens in a new window) blockchain, a purpose-built L1 designed to enable high-throughput, low-cost payments via stablecoins. These scenarios extend the benchmark into payment-oriented smart contract code, where we expect agentic stablecoin payments to grow, and help ground it in a domain of emerging practical importance. – https://openai.com/index/introducing-evmbench/
UIDAI launches AI enabled biometric deduplication & document verification platform
(The Statesman) The Unique Identification Authority of India (UIDAI) has launched landmark initiatives in India’s digital security framework. It has deployed next-generation AI enabled biometric deduplication and document verification platform. This platform will improve the deduplication accuracy of the Enrolment or Update transaction being undertaken by UIDAI. This “Invisible Shield” marks a new chapter in India’s digital safety mission — a multi-layered AI defence system that performs crores of computations, harnessing accelerated computing to protect citizens’ trust and data integrity. – https://www.thestatesman.com/india/uidai-launches-ai-enabled-biometric-deduplication-document-verification-platform-1503559973.html
