CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...
Dark Reading

Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...
Interesting Engineering on MSN

OpenAI partners with US govt for bio-weapons detection and threat preparedness

OpenAI has launched a new biodefense initiative centered on GPT-Rosalind, a specialized frontier-reasoning AI ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed the full details of the vulnerability and released a PoC without notifying Microsoft in advance. A security researcher has disclosed details of a severe Visual Studio Code ...