The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...

Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ...

The discoverers have named the root vulnerability "Copy Fail". All major distributions since 2017 are affected.

Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

Claude AI guided a threat actor toward OT ICS SCADA systems in an attack on a water and drainage utility in Mexico.

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

A cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model ...