The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage attack works and how to stay safe.

What would some of the world's largest repositories of malware look like if they were stacked as hard drives, one on top of the other?

Silver Fox spreads ABCDoor via 1,600 phishing emails in 2026 targeting India and Russia, enabling data theft and remote ...

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

The exploit code was almost too neat. When Google’s Threat Intelligence Group flagged a previously unknown software ...

TL;DR Two malicious versions of the popular PyTorch Lightning package have been uploaded to PyPI following the publisher account’s compromise. Lightning versions 2.6.2 and 2.6.3 (tracked as ...