Socket found a compromised Injective npm package stealing wallet keys amid rising crypto supply chain attacks.
Several AI coding assistants were tricked into facilitating developer machine hacking via an attack technique that has been ...
AI Now’s Friendly Fire PoC shows Claude Code and Codex running README-planted payloads on hosts when autonomous command ...
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to ...
In the brief history of AI security, the prompt injection has quickly become the top threat. Large language models are ...
Researchers at Zimperium have uncovered RedWing, a new Android malware-as-a-service sold through Telegram with subscription tiers, a support bot, and how-to videos. Once installed, it can steal ...
IT services giant Accenture has confirmed it suffered a security breach after a threat actor claimed to have stolen 35 GB of ...
A new report reveals that AI agents can autonomously execute ransomware attacks, evidenced by the case of JADEPUFFER, which ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.