A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

Anthropic on Tuesday expanded Project Glasswing beyond its roughly 50 initial partners, extending access to a new cohort of approximately ...

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

OpenAI Codex helped Calif, an AI red-teaming security group, expose HTTP/2 Bomb, a denial-of-service attack that combines old HTTP/2 compression and connection-holding techniques against current ...

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...

Proofpoint says Chinese cybercrime group TA4922 is using AI-assisted phishing and apparently LLM-developed malware, including ...

Agentic AI security dominated Infosecurity Europe 2026 as Toronto researchers proved a free open-weight AI worm can ...

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...