Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
These are my go-to libraries for Python data crunching.
ActiveState explains how GitHub Actions attack chains can evade traditional CI security scanners, why passing a scan doesn't ...
A new report reveals that AI agents can autonomously execute ransomware attacks, evidenced by the case of JADEPUFFER, which ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
A threat group researchers call "Armored Likho" has gained access to government agencies and electrical power entities in ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Researchers at Sysdig say an AI agent called JADEPUFFER carried out a fully autonomous ransomware attack in just 31 seconds, exploiting a Langflow CVE-2025-3248 flaw, adapting to failed exploits in ...
New benchmarks show semantic code graphs helping coding agents find change locations faster and complete updates more ...
AI is accelerating modernization projects that previously required months of analysis. But in highly regulated organizations, ...
The offices of Google are pictured in London on February 28, 2026. JUSTIN TALLIS/AFP via Getty Images Google released agents-cli on April 21, 2026, and it has shipped 13 updates in the 71 days since — ...