Out in the real world, with Codex in the ChatGPT mobile app, users can accomplish tasks without juggling a laptop or having ...

CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...

New research from a trio of Microsoft researchers reveals that LLMs ‘introduce substantial errors when editing work documents ...

The company said that it had identified, for the first time, hackers using artificial intelligence to discover an unknown bug ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Google threat intelligence claims to have identified the first known case of cyber attackers using AI to help develop a zero-day exploit. Elsewhere, LLMs are being used to hide malware and create ...

Are magic links secure? A security analyst breaks down token entropy, replay protection, expiry, device binding, and email compromise risks for MojoAuth users.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...