The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected ...
Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...
Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage attack works and how to stay safe.
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...
Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...
Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation software. It was created in 2005—and likely deployed by the US or an ally. Vitaly ...
TL;DR Two malicious versions of the popular PyTorch Lightning package have been uploaded to PyPI following the publisher account’s compromise. Lightning versions 2.6.2 and 2.6.3 (tracked as ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results