Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
They're not bad; they're just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented ...
EncryptPro handles the basics of encrypting your important files at no charge, while a subscription gets you enhanced features and convenience. It’s a bit rough around the edges, but it shows great ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
DirtyClone, tracked as CVE-2026-43503, is a Linux kernel vulnerability that allows any local user to gain root privileges.
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
This research is part of a joint initiative between the Cloud Security Alliance (CSA) and OWASP AI Exchange, building upon the previously published Agentic AI Red Teaming Guide. The objective of this ...
A ZIP archive may contain many entries whose content can be compressed and/or encrypted. In particular, entries can be encrypted with a password-based symmetric encryption algorithm referred to as ...
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, ...