Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
They're not bad; they're just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented ...
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
Explore the latest news and expert commentary on Endpoint Security, brought to you by the editors of Dark Reading ...
France’s OVHcloud bets on frontier AI as Europe seeks alternatives to US models The company says the cost of training frontier AI models has fallen sharply, but analysts say the bigger challenge may ...
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...
Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...