JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
Morning Overview on MSN

The AI-generated zero-day discovered by Google used clean 'textbook' Python code — a hallmark of large language model output

The exploit code was almost too neat. When Google’s Threat Intelligence Group flagged a previously unknown software ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
Nature

How to vibe code in science: early adopters share their tips

He was brainstorming ideas with an artificial-intelligence tool and getting it to code and create them quickly. Together, ...

Google stopped a zero-day hack that it says was developed with AI

Google researchers found evidence in the exploit’s code that it may have been created using AI, like a ‘hallucinated’ CVSS ...

Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...
The Next Web

Google found the first AI-generated zero-day exploit. It stopped the attack before it started.

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

Google Says It Found Evidence of Hackers Using AI to Discover a Zero-Day Vulnerability

As AI models continue to get more powerful, it’s not too surprising that some people are trying to use them for crime. The ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
BeInCrypto

Google Catches First AI Zero-Day Exploit: A Warning Shot for Crypto Security?

Google's threat team caught the first live AI-built zero-day exploit, escalating the attacker-defender AI arms race.