A tiny Python script triggered a major Linux failure in a way that few users would expect. The incident shows how even small ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

The 2026 picoCTF competition has officially expanded with more challenges than ever before, yet the transition from the block-based logic of Karel to the raw Python scripting required for CTFs remains ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing ...

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

On May 11, the same day Google’s Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build ...

As AI becomes more capable of identifying vulnerabilities and analysing attacks, companies are beginning to use it for defence as well.

May 2026 dropped three critical Linux vulnerabilities on a near-weekly cadence, and the security discourse has mostly treated them as three separate bad days. They’re not. Together they form a ...