Turla turns Kazuar into a 3-module P2P botnet, enabling stealthy C2, resilient tasking, and persistent access.

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Thousands of software development teams whose CI/CD pipelines depended on LocalStack’s free community edition lost access to no-cost, no-account AWS emulation on March 23, 2026, when the company ...

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...

Claude AI guided a threat actor toward OT ICS SCADA systems in an attack on a water and drainage utility in Mexico.

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing ...

Armed with some Python and a white-hot sense of injustice, one medical student spent six months trying to figure out whether ...

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

AI-powered tutors are evolving from simple answer machines to personalized learning companions that adapt to each student's needs. Recent studies show that when AI tools guide thinking rather than ...