Two vulnerabilities in the secure mobile gateway appliance allow unauthenticated attackers to bypass authentication and ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

Agentic AI security dominated Infosecurity Europe 2026 as Toronto researchers proved a free open-weight AI worm can ...

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...

A security update closes a malicious code vulnerability in Docker for macOS. If attackers successfully exploit a security vulnerability in Docker on macOS, they can break out of the sandbox and ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

On May 11, the same day Google's Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build a zero-day exploit, OpenAI launched Daybreak, a new agentic cybersecurity ...

Cybercriminals created a zero-day exploit with AI, the first example of artificial intelligence finding and hacking software for an illicit enterprise, the tech giant says in a new report.