The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...

I started this as a side project, but my Windows Command Center suddenly became useful.

OpenAI has added its Codex coding agent to the ChatGPT mobile app on iOS and Android, letting users manage coding tasks ...

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...

A malicious repository on Hugging Face impersonated OpenAI’s “Privacy Filter” project and briefly reached the platform’s top trending position before removal ...

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the security risks of hallucinated dependencies.

With model devs pushing more aggressive rate limits, raising prices, or even abandoning subscriptions for usage-based pricing ...

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.