Leaked Shai-Hulud malware fuels new npm infostealer campaign

The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected ...
The Next Web

Google found the first AI-generated zero-day exploit. It stopped the attack before it started.

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

The First AI-Crafted Zero-Day Was Easy to Spot. The Next One May Not Be

Google reported the first confirmed AI-assisted zero-day exploit, raising new concerns about logic flaws, supply chain risk, ...
Decrypt

Hackers Insert Malware Into Mistral AI Software Download

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...
Tech Wire Asia

Google says hackers are using AI to find zero-days and build malware

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...
Hosted on MSN

Google confirms first AI-created zero-day 2FA bypass exploit

The flaw allowed two-factor authentication to be bypassed if valid credentials were obtained, exploiting a hardcoded trust assumption. Google worked with the vendor to patch the issue before mass ...

Warning Issued As Fake Claude Code Installer Attacks Confirmed

A fake Claude code installer can successfully exfiltrate decrypted cookies, passwords and payment methods from Chromium ...

Uncovering coded antisemitism online takes both human expertise and AI automation

Tracking hate speech online is challenging even when terms are explicit. Coded speech is harder to detect – but pairing AI ...
CSO Online

ClickFix finds a backup plan in PySoxy proxy chains

ReliaQuest observed attackers pairing ClickFix with the PySoxy proxy tool to establish redundant encrypted access paths and ...
CoinDesk

The $293 million KelpDAO hack shows why DeFi is finally being forced to grow up

For protocol founders and security researchers, the incident reinforced a broader shift underway across crypto: DeFi is no longer primarily battling coding bugs. It’s battling complexity.

Daybreak is OpenAI's response to Anthropic's Claude Mythos

OpenAI has just launched Daybreak, a cybersecurity initiative that's clearly the company's competitor to Anthropic's Project ...
Decrypt

What Is AI Jailbreaking? A Beginner's Guide to the Cat-and-Mouse Game Behind Every Chatbot

Jailbreaking went from cracking iPhones to liberating LLMs. Here's how it works, who's doing it, and why every AI lab is ...