New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

PCPJack steals credentials via 6 Python modules exploiting 5 CVEs, enabling cloud spread and fraud-driven attacks.

Hacker Martha Root used AI to expose vulnerabilities in white supremacist dating sites, collaborating with journalists to ...

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...

This was not a case of stolen credentials, but rather of vulnerability exploitation.

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...

Attackers exploit Microsoft Teams and Snow malware to steal credentials and take over enterprise networks through social ...