Proofpoint says Chinese cybercrime group TA4922 is using AI-assisted phishing and apparently LLM-developed malware, including ...

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

A new Chinese-speaking cybercrime group has expanded its reach from East Asia into Europe and Africa, while rapidly ...

A threat actor has been observed using AI coding tools to develop and refine malware designed to slip past endpoint detection ...

CrowdStrike, Google, and the Shadowserver Foundation dismantled the GlassWorm malware operation, but experts say the broader ...

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

CrowdStrike, alongside Google and the Shadowserver Foundation, has disrupted the Glassworm botnet used to spread malware ...

CrowdStrike, Google, and the Shadowserver Foundation dismantled the GlassWorm malware operation, but experts say the broader ...