A single developer. One poisoned extension. Five supply chain surfaces compromised in 48 hours. And a threat group claiming ...

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Google's Threat Intelligence Group thwarted the first known AI-developed zero-day exploit targeting two-factor authentication, preventing a planned mass-scale cyberattack.

Google prevents first known instance of 2FA cyber attack where hackers used AI-developed zero-day exploit; Know how to stay ...

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

Hackers are exploiting unsupported F5 BIG-IP appliances to gain SSH access to enterprise Linux systems, turning trusted edge infrastructure into entry points for deeper attacks on identity systems and ...

GitHub has confirmed that hackers breached internal repositories through a poisoned VS Code extension after stolen source ...

Hadrian today released OpenHack, a tool for AI-powered source code review that delivers high-quality results at a fraction of the cost ...

Dify, a popular low-code AI application development platform with over 142,000 stars on GitHub, was found to contain critical vulnerabilities that allowed a one-click account takeover. Imperva ...

Composer 2.5 brings stronger long running coding performance to Cursor, with targeted RL, Kimi K2.5 foundations, new pricing, ...

A 732-byte Python script has uncovered a significant vulnerability in the Linux kernel, affecting users worldwide. Explore the details of this exploit, its implications, and the urgent need for ...

Microsoft flagged a Mistral AI hack as a supply-chain attack that hid malware in a fake AI library on PyPI. Here's what ...