Microsoft flagged a Mistral AI hack as a supply-chain attack that hid malware in a fake AI library on PyPI. Here's what ...

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June ...

Be honest with me. How many of your passwords are still some version of your pet’s name followed by a number? Studies have shown that roughly 80% of data breaches involve weak or reused passwords.

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage attack works and how to stay safe.

Google has not identified which LLM was used to develop the zero-day exploit, but has confirmed that its own Gemini AI was ...

Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, cloud credentials, and password vaults across ...

The company said that it had identified, for the first time, hackers using artificial intelligence to discover an unknown bug ...