The ZCash team hired a hacker to find an exploit in the ZCash protocol, and he exposed a glitch that has been out there for ...

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

AI shrinks exploitation windows to hours while median critical patching time rose to 43 days, increasing exposure risk.

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...

The recent disclosure by Google’s Threat Intelligence Group that hackers are now using artificial intelligence to develop ...

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

GGUF parser vulnerabilities disclosed May 15, 2026 include a critical integer overflow that lets any malicious model file ...

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...