The ZCash team hired a hacker to find an exploit in the ZCash protocol, and he exposed a glitch that has been out there for ...

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...

The recent disclosure by Google’s Threat Intelligence Group that hackers are now using artificial intelligence to develop ...

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

GGUF parser vulnerabilities disclosed May 15, 2026 include a critical integer overflow that lets any malicious model file ...

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Google prevents first known instance of 2FA cyber attack where hackers used AI-developed zero-day exploit; Know how to stay safe ...