An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
Nothing broke, so I never looked.
Researchers at Sysdig say they have observed, for the first time, a ransomware attack carried out almost entirely by an AI agent. According to the ...
A new Mac infostealer dubbed PamStealer impersonates the open-source Maccy clipboard manager to steal passwords and more.
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Citrix NetScaler received patches for another memory leak vulnerability similar to CitrixBleed, as well as memory overflow, file read and denial-of-service issues ...
Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Google has announced that certain Workspace subscribers can now send end-to-end encrypted emails to anyone, regardless of the provider. If you're a Gmail client-side encryption (CSE) user on a Google ...