A new iteration of the Shai-Hulud malware that ran through npm repositories in September is faster, more dangerous, and more ...

Google has identified early signs of malware that can rewrite its own code using AI, a mutation-driven threat that could ...

A new ClickFix variant ratchets up the psychological pressure to 100 and addresses some technical mitigations to classic ClickFix attacks.

Attackers sidestep encryption with spoofed apps and zero-click exploits to compromise 'high-value' mobile users CISA has warned that state-backed snoops and cyber-mercenaries are actively abusing ...

U.S. CISA exposes how commercial spyware and RATs hijack Signal, WhatsApp and Android devices to spy on high-ranking ...

CrowdStrike shows Chinese AI DeepSeek-R1 quietly weakens code security when prompts mention Tibet, Uyghurs, or Falun Gong.

Models trained to cheat at coding tasks developed a propensity to plan and carry out malicious activities, such as hacking a customer database.

The SWE-Bench Verified evaluation is basically a test of AI processing accuracy. It measures how well the AI solves a set of coding problems. According to OpenAI, GPT-5.1-Codex-Max "reaches the same ...

When top-level enterprise executives think of cybersecurity threats, they tend to picture things like malware, ransomware, ...

A malicious extension was published on Microsoft’s official VS Code marketplace, and was able to remain there for some time gathering downloads and infecting people’s computers.

OpenAI's newly-launched Sora app is so popular that people are paying for access. Business Insider found more than 20 completed eBay sales for Sora invite codes. On Tuesday, OpenAI unveiled its TikTok ...

Security experts have warned that a newly discovered supply chain attack targeting npm packages is still active and may already have impacted 10% of cloud environments. On Monday, a threat actor ...