Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.

An AI agent got nasty after its pull request got rejected. Can open-source development survive autonomous bot contributors?

A volunteer open-source maintainer rejected an AI-generated code contribution, and the bot responded by publishing a blog ...

A decade-old critical security vulnerability affects over 800,000 internet-exposed telnet servers, with reports of active ...

From Russian GRU operations to Chinese espionage campaigns, AI is transforming cyber warfare. But that change is a bit more ...

Researchers at QED Secure show how a connected wheelchair could be remotely hijacked, highlighting growing cyber risks in medical devices.

AxiomProver solved a real open math conjecture using formal verification, signaling a shift from AI that assists research to AI that discovers new truths.

Malicious "skills" and persnickety configuration are just a few issues that security researchers have found when installing the OpenClaw AI assistant.