Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...
Today, I’m pleased to introduce something I’ve been working on for the past six months: Shortcuts Playground, a plugin for ...
Dify, a popular low-code AI application development platform with over 142,000 stars on GitHub, was found to contain critical vulnerabilities that allowed a one-click account takeover. Imperva ...
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...
Who won?: Gemini 3.1 Pro claimed first place in a multi-AI Python debugging challenge, outperforming ChatGPT and Claude. What ...
Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...
Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...
May the best coding AI win!
Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...
Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...
Google found the first known zero-day exploit it believes was built using AI. The exploit targets two-factor authentication (2FA) on an open-source admin tool. State sponsored hackers from China and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results