AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
Tech Times

Anthropic AI Vulnerability Scanner in Enterprise Beta: IBM Joins Glasswing After 10,000 Flaws Found

AI vulnerability scanner enterprise teams can now access Claude Security in public beta, powered by Claude Opus 4.7, with no ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
The Next Web

SEALSQ takes majority of WeCan to build a post-quantum AI compliance co-pilot for private banks

Swiss post-quantum-crypto firm SEALSQ has acquired a majority of WeCan Group and committed CHF 5M to accelerate an AI compliance co-pilot for private banks including Pictet, Lombard Odier and Barclays ...