Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery ...

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

An AI agent got nasty after its pull request got rejected. Can open-source development survive autonomous bot contributors?

A volunteer open-source maintainer rejected an AI-generated code contribution, and the bot responded by publishing a blog ...

AxiomProver solved a real open math conjecture using formal verification, signaling a shift from AI that assists research to AI that discovers new truths.

An autonomous OpenClaw AI agent launched a public smear campaign against a developer after he rejected its code submission on GitHub.

Workforce monitoring software was abused in two cases of attempted ransomware attacks, researchers from Huntress found.

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to ...

Some cybersecurity researchers say it’s too early to worry about AI-orchestrated cyberattacks. Others say it could already be ...