CSO Online

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Autonomous AI screening flags unreliable Lyme test results, boosting sensitivity to 95.7%

Computational point-of-care sensors can significantly improve access to diagnostics by enabling rapid patient testing outside ...
The Hacker News

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

'Please do not vibe f--- up this software': Broken backups spark AI coding row in rsync project

Users probe backup failures find Claude-assisted commits. Veteran engineer retorts: 'I did not just vibe-code 'convert test ...
Dark Reading

Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...
InfoWorld

Pyrefly 1.0: A fast, forward-looking Python linter

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

New Microsoft tool lets devs spin up AI behavior tests using text descriptions

Microsoft on Tuesday took the wraps off Adaptive Spec-driven Scoring for Evaluation and Regression Testing, an open source ...
Infosecurity Magazine

Threat Actor Uses AI to Build EDR Evasion Tools

A threat actor has been observed using AI coding tools to develop and refine malware designed to slip past endpoint detection ...
InfoWorld

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...
Microsoft

Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow

The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessing ...