JadePuffer, a ransomware operation, used an AI agent to carry out much of the intrusion chain from reconnaissance, key theft, ...
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
Ethereum gossipsub vulnerability CVE-2026-34219 lets any unauthenticated peer crash a validator with a single crafted PRUNE ...
AI Now’s Friendly Fire PoC shows Claude Code and Codex running README-planted payloads on hosts when autonomous command ...
Several AI coding assistants were tricked into facilitating developer machine hacking via an attack technique that has been ...
A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit, ...
GigaWiper is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational ...
A new version of the RedHook Android malware abuses the Android Wireless Debugging (Wireless ADB) mechanism in a novel way to ...
With the ability to take control of distributed devices at scale, HalluSquatting has the potential to achieve various ...
An open-source project called 'clawcodex' has been released, which claims to be a reimplementation of Claude Code from scratch in Python. The author asserts that it can significantly reduce API costs.
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.