Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Sysdig threat hunters documented what they say is the first-ever documented agentic ransomware infection with an LLM - not a ...
Someone fine-tuned Claude Fable 5's reasoning style into a local Qwen model, creating Qwable. Then someone else removed its ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Microsoft is accelerating its quantum-safe security plans as it prepares critical products and services for PQC by 2029.
On Monday, Russian users found they could no longer reach PyPI, the package repository that Python developers rely on for code libraries. Reports began appearing on the Detector404 website after 1:00 ...
Google links Turla to STOCKSTAY, a new .NET backdoor used in phishing attacks against Ukraine government and military targets ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
A threat actor has been observed using AI coding tools to develop and refine malware designed to slip past endpoint detection and response (EDR) software, in what was presented as a red team project.
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. Tool and payload development ...
A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The lookalike package hid a multi-stage Windows remote access trojan (RAT) in a ...