JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Google Says Criminal Hackers Used A.I. to Find a Major Software Flaw

The company said that it had identified, for the first time, hackers using artificial intelligence to discover an unknown bug ...
InfoWorld

Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...
TweakTown

Google finds hackers using AI to discover and develop a zero-day exploit for the first time for mass attacks

Google has not identified which LLM was used to develop the zero-day exploit, but has confirmed that its own Gemini AI was ...

Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...
The Financial Express

AI hackers are getting faster, and Google says this is only the beginning

Google believes the attackers utilised an AI model not just to write the exploit code, but also to help identify the ...
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...
Computing

Criminals have already used AI to create a zero-day exploit

Researchers at Google say they have uncovered the first known case of hackers using AI to develop a zero-day cyber exploit.

Why a 2017 Linux bug is now a major concern for the crypto industry

The Linux vulnerability affecting crypto infrastructure security A recently uncovered security flaw in Linux is drawing ...
PCQuest

A password wasn’t enough, 2FA wasn’t enough, then AI entered the attack

Google warns AI may be helping hackers turn zero-days into faster attacks. See why stolen passwords, admin tools, and patch ...