According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC ...
This week’s ThreatsDay Bulletin covers spyware-laced game cheats, fake installers, infostealer, ransomware, phishing kits, ...
From late April 2026 to mid-June 2026, Microsoft Defender Experts observed increased ACR Stealer activity across customer ...
Discover how the Rogue Agent vulnerability in Google Dialogflow CX enabled persistent AI agent compromise, data exfiltration, ...
IBM and Red Hat have launched Lightwell to automate vulnerability remediation across enterprise open-source software ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
With a security initiative, OpenAI competes with Anthropic's Mythos and also offers a security review service for open-source projects.
Anthropic is hiring AI safety experts to stop its models from being misused for nuclear threats, explosives, cybercrime, ...
Zscaler found attackers using SEO poisoning and hidden prompts in malicious websites to manipulate AI agents into making cryptocurrency payments.
Varonis reported the flaw to Google in late 2025 and it has been addressed, but it reminds defenders to take a look at their ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results