Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Attackers are using multi-model artificial intelligence harnesses to generate malware on the fly, with no malicious code ever ...

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...

Researchers demonstrated an AI worm that adapts to targets, generates attack strategies, and spreads across networks without ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

The hunt is on to find protections against the coming generation of adaptive AI worm malware in order to head off a global incident on the scale of other famous worm events, such as NotPetya, Stuxnet, ...