Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Agentic AI security dominated Infosecurity Europe 2026 as Toronto researchers proved a free open-weight AI worm can ...

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...

Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in broader criminal campaigns. Multiple iOS exploits and five exploit chains ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...

The attacker tricked the Butter Network cross-chain bridge into minting millions more tokens than the legitimate supply of MAPO. MAPO, the native token of the Map Protocol, fell 96% on Wednesday after ...

On May 11, the same day Google's Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build a zero-day exploit, OpenAI launched Daybreak, a new agentic cybersecurity ...

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base. Decentralized liquidity protocol THORChain halted trading after ...