Google intercepts a massive cyberattack powered by first-ever AI-generated zero-day exploit

Google claims to have thwarted a significant cyberattack by state-sponsored hackers using an AI-developed zero-day exploit.
SecurityWeek

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
CSO Online

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover ...
MIT Technology Review

The Download: the hantavirus outbreak and Musk v. Altman week 2

Last week, eight passengers aboard a Dutch-flagged cruise ship contracted a type of hantavirus transmitted by rats. Three ...
Windows Report

Fake OpenAI Privacy Filter Repo on Hugging Face Spread Infostealer Malware

A malicious repository on Hugging Face impersonated OpenAI’s “Privacy Filter” project and briefly reached the platform’s top trending position before removal ...
Circuit Digest

Building a Voice-Controlled Drone with LiteWing using Python

The laptop connects directly to the drone through its Wi-Fi access point (AP), enabling wireless communication between the ...

Coatbridge school pupils take part in coding challenge in taste of university life

Coatbridge school pupils were 'Pytch-perfect' as they got a byte-sized taste of university life. P6 and P7 youngsters from St ...
The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
TMCnet

MountAIn disrupts Edge AI landscape to Deliver Cloud-Grade Computer Vision Stack on Alif Semiconductor's Ensemble and Balletto Processors

MountAIn SAS, an award-winning AI orchestration company and 2026 CES Innovation Award honoree, today announced a strategic partnership with Alif Semiconductor to revolutionize Computer Vision at the ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

10 trillion downloads are crushing open-source repositories - here's what they're doing about it

10 trillion downloads are crushing open-source repositories - here's what they're doing about it ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...