Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.

A Russian hacker was recently seen brute-forcing their way into hundreds of firewalls - but what makes this campaign really stand out is the fact that the seemingly low-skilled threat actor was able ...

You might not think of a CAPTCHA check as a cybercrime lure, but if you fall prey to one, you may become infected with malware. Learn how to spot them with our guide.

Researchers uncover wormable XMRig campaign using BYOVD exploit and LLM-built React2Shell attacks hitting 90+ hosts.

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack ...

A lone attacker, leveraging commercial AI tools, has breached over 600 organizations globally in just over a month.

The Arkanix infostealer combines LLM-assisted development with a malware-as-a-service model, using dual language implementations to maximize reach and establish persistence.

Anthropic research shows developers using AI assistance scored 17% lower on comprehension tests when learning new coding ...

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Georgia Tech researchers discovered VillainNet, a dormant AI backdoor that lets hackers hijack self-driving cars with 99% success while remaining invisible to current security tools.

An AI-assisted hacker campaign breached over 600 FortiGate firewalls worldwide by exploiting weak credentials and public interfaces in a chilling demonstration of how generative AI ...