One of the Russian government’s most elite hacking groups has adopted an attack, known as Clickfix, to compromise devices belonging to sensitive organizations in Ukraine, the latter country’s CERT ...
Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This ...
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to ...
CISA is one of around 100 organizations approved to use Anthropic’s Mythos model, which is far better than human penetration ...
Threat researchers at cloud security firm Sysdig have disclosed what they describe as the first documented ransomware operation carried out end-to-end by an autonomous AI agent, with no human typing ...
This photograph shows a screen during the 18th edition of the "InCyber" Forum, an international cyber security event, at the Grand Palais in Lille, northern France on April 1, 2026. The forum, which ...
JadePuffer, a ransomware operation, used an AI agent to carry out much of the intrusion chain from reconnaissance, key theft, ...
IBM and Red Hat have launched Lightwell to automate vulnerability remediation across enterprise open-source software ...
Rogue Agent, a vulnerability in Google Cloud Dialogflow CX, allowed attackers to control agents and exfiltrate sensitive data.
Varonis reported the flaw to Google in late 2025 and it has been addressed, but it reminds defenders to take a look at their ...
A threat group researchers call "Armored Likho" has gained access to government agencies and electrical power entities in ...