This week’s security news highlights how attackers exploit small weaknesses in trusted systems, from phishing emails and clipboard tricks to sandbox escapes and AI prompt injection. The stories also show growing abuse of AI tools, messaging apps, browser extensions, and misconfigured services to steal data, gain access, and deliver malware. #ClaudeCowork #HideMyEmail #BeepRAT #UNC5792 #UNC4221 #MillenniumRAT #BlueHammer #ClickFix #CoTForgery #Ollama
Keypoints
- Fake law enforcement emails are being used to deliver ransomware through password-protected archives and Proton Drive links.
- A sandbox escape in Claude Cowork could let a local attacker run root commands and bypass network restrictions.
- Apple’s Hide My Email service has a flaw that may expose real email addresses.
- BeepRAT and Millennium RAT show continued use of stealthy delivery, persistence, and rich remote-control features.
- Attackers are abusing AI systems, clipboard tricks, browser extensions, and misconfigured Ollama servers for access and data theft.
Read More: https://thehackernews.com/2026/07/threatsday-ai-compute-hijacking-apple.html