Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

Google threat intelligence claims to have identified the first known case of cyber attackers using AI to help develop a zero-day exploit. Elsewhere, LLMs are being used to hide malware and create ...

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

Named PCPJack, the framework was discovered on April 28 by a hunting rule on Google's VirusTotal malware scanning service ...

PCPJack steals credentials via 6 Python modules exploiting 5 CVEs, enabling cloud spread and fraud-driven attacks.

Copy Fail could represent a significant security risk in the making. The vulnerability was discovered by researchers at ...

Copy Fail was identified by Theori’s researchers with assistance from their Xint Code AI tool. According to a blog post, ...

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.

Over 1,800 developers were likely infected in the Mini Shai-Hulud supply chain attack that hit SAP, Lightning, and Intercom ...

The opossums wear collars that send a signal to researchers when the mammal is eaten, revealing the snake's location. Currently, the team is working with 32 opossums with hopes of reaching 40 by the ...