A tiny Python script triggered a major Linux failure in a way that few users would expect. The incident shows how even small ...

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

On May 11, the same day Google's Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build ...

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

May 2026 dropped three critical Linux vulnerabilities on a near-weekly cadence, and the security discourse has mostly treated them as three separate bad days. They’re not. Together they form a ...

As AI becomes more capable of identifying vulnerabilities and analysing attacks, companies are beginning to use it for defence as well.

Google caught the first zero-day exploit built with AI assistance. Criminal and state backed hackers are using AI models to ...

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

OpenAI has published a technical explanation of its Windows sandbox for Codex, detailing a stricter local setup for the coding agent on developer PCs. Codex can still read broadly across a system, ...