CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...

Developers using open-source tools face heightened supply-chain risk after the botnet lost all four of its command channels.

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...

An industry effort involving CrowdStrike, Google and the Shadowserver Foundation has led to the disruption of the Glassworm ...

CrowdStrike, Google and the Shadowserver Foundation worked together to take down a botnet that poisoned over 300 GitHub ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that compromised LiteLLM, a widely used open-source Python ...

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...

WSL has come a long way.