Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...

May the best coding AI win!

I stopped manually cleaning spreadsheets after Claude did it in minutes, and it's what it does better than any other AI.

A cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model ...

In recent weeks, alarm bells have been ringing repeatedly over critical vulnerabilities in the Linux kernel. Why is that? Do we have AI to thank for these discoveries? And should we expect similar ...

Turla turns Kazuar into a 3-module P2P botnet, enabling stealthy C2, resilient tasking, and persistent access.

Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited ...

May 2026 dropped three critical Linux vulnerabilities on a near-weekly cadence, and the security discourse has mostly treated them as three separate bad days. They’re not. Together they form a ...