Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

AISLE launched Snapshot, deploying AI vulnerability detection inside air-gapped networks. The startup found all 12 OpenSSL zero-days and ranks first on Berkeley's benchmark.

Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code.

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

JINX-0164 has targeted crypto developers through fake LinkedIn meeting invites that lead to macOS malware infections, ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...

Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform ...

AI paid compared to those with little or none, per the IBM Cost of a Data Breach Report 2025. The same IBM 2025 research found that 13% of organizations had already suffered a breach of an AI model or ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

Anthropic research shows AI agents can autonomously achieve millions of dollars in exploits. Attackers stole at least $36.7 ...