Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Anthropic is investigating reports that unauthorized users accessed its Mythos AI tool via a vendor, raising cybersecurity ...

AI is uncovering decades-old software bugs at scale, forcing a race to patch vulnerabilities before attackers gain access to ...

A multi-tenant authentication gap in Microsoft’s AI operations agent exposed live command streams, internal reasoning, and ...

Google launches AI agent suite at Cloud Next 2026 with Workspace Studio, A2A protocol at 150 orgs, and Project Mariner. The pitch: only Google owns the full stack.

Google Cloud introduced a new AI agent platform, updated data architecture, and eighth-generation TPUs at Next 2026.

The study offers a valuable resource and integrates multiple complementary datasets to provide insights into regulatory mechanisms, although the conceptual advances are moderate and the central ...

One group of hackers used AI for everything from vibe coding their malware to creating fake company websites—and stole as ...

Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol ...

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

Cloud automation uses software to handle tasks like setting up servers or deploying applications, cutting down on manual work ...

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.