An AI agent carried out the technical execution of a real-world ransomware attack for the first known time, but new details ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
Maccy users are being warned about fake sites after researchers found malware using the app’s name to steal Mac login ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
A researcher found that using Anthropic’s Claude Opus 4.7, he could break into the website of Front Gate—used by every ...
Anthropic’s AI coding agent silently encoded proxy hostnames and Chinese timezone data into invisible Unicode characters ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
This package provides a library composed by functions widely used in other GrimoireLab projects. These function deal with date handling, introspection, URIs/URLs, among other topics. You will also ...
This research is part of a joint initiative between the Cloud Security Alliance (CSA) and OWASP AI Exchange, building upon the previously published Agentic AI Red Teaming Guide. The objective of this ...