The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected ...
Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing ...
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...
Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...
Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.
GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
Morning Overview on MSN
The AI-generated zero-day discovered by Google used clean 'textbook' Python code — a hallmark of large language model output
The exploit code was almost too neat. When Google’s Threat Intelligence Group flagged a previously unknown software ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results