ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a ...
TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...
The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...
Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...
Over 1,800 developers were likely infected in the Mini Shai-Hulud supply chain attack that hit SAP, Lightning, and Intercom ...
While previous assessments categorized AI-assisted cyberattacks as experimental, current data suggests generative AI is now a mature, industrialized component of offensive operations.
Quasar Linux (QLNX) is not an operating system, but a supply chain attack tool that is difficult to detect and remove.
Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...
Runpod Flash is an open-source Python SDK that removes the infrastructure overhead between writing AI code and running it in ...
Morning Overview on MSN
PyTorch Lightning versions 2.6.2 and 2.6.3 were compromised on April 30 — check your installs immediately
On April 30, two releases of one of the most popular machine learning libraries on the Python Package Index were caught ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results