Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

Cybercriminals used the Glassworm botnet to infect open source software projects with malware, and in turn hack the ...

The tool operates with broad system privileges and autonomous execution capabilities, demonstrating how natural language can ...

CrowdStrike, Google and the Shadowserver Foundation worked together to take down a botnet that poisoned over 300 GitHub ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...

A new report from the Google Threat Intelligence Group (GTIG) reveals that sophisticated hacker groups have started using AI tools to help create and deploy zero-day exploits. The revelation confirms ...

Google's Threat Intelligence Group says it has disrupted what it believes is the first real‑world zero‑day exploit developed with the help of AI. A major cybercrime group (which the Threat ...

Google researchers found evidence in the exploit’s code that it may have been created using AI, like a ‘hallucinated’ CVSS score. Google researchers found evidence in the exploit’s code that it may ...

May 11 (UPI) --Google announced Monday that it identified a cyber threat it believes hackers developed using artificial intelligence, meant to exploit networks on a large scale. Google Threat ...