Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
has documented what it says is the first ransomware operation carried out from start to finish by an autonomous artificial ...
Oracle expands its AI database security strategy with new data protection, patching, and cyber resilience tools to help ...
Proofpoint identified a likely China-aligned espionage group exploiting chained Roundcube vulnerabilities to steal ...
Drug regulators have introduced stricter rules to eliminate duplicate and deceptively similar medicine brand names. The new First-to-Register policy and mandatory Sugam portal verification aim to ...
JadePuffer, the first known 'agentic ransomware', uses an AI agent to run attacks end-to-end and adapt in real time, ...
Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys and tokens.
CVE-2026-20896 lets reachable Gitea Docker containers trust spoofed X-WEBAUTH-USER headers when reverse proxy auth is enabled ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Security tooling is not written in a single language. Python powers most automation. C sits at the exploit layer. PowerShell ...
Sysdig's JadePuffer case is billed as the first ransomware attack planned and executed end to end by an AI agent, with no human directing it.
A newly disclosed use-after-free in the Linux kernel's epoll code, CVE-2026-46242, lets an unprivileged user get root on ...