TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...

On May 11, the same day Google's Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build ...

A cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model ...

Google claims to have thwarted a significant cyberattack by state-sponsored hackers using an AI-developed zero-day exploit.

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

(Nasdaq: KLTR), the Agentic Digital Experience company, today announced the open-source release of a suite of AI agent skills - structured, production-tested knowledge modules that enable AI coding ...

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...

A malicious repository on Hugging Face impersonated OpenAI’s “Privacy Filter” project and briefly reached the platform’s top trending position before removal ...

Articraft transforms the creation of articulated 3D assets into a programmatic, code-generation workflow powered by LLMs. Engineered for large-scale dataset generation, it bypasses heavyweight manual ...