Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, cloud credentials, and password vaults across ...

The move pushes MathWorks into a world historically dominated by open-source developer tooling and AI-native workflows.

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

New 2026 report from the engineering hiring platform Second Talent finds AI Agent Engineer is the fastest-growing role ...

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...

Criminal hackers have used artificial intelligence to develop a working zero-day exploit, the first confirmed case of its ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

While previous assessments categorized AI-assisted cyberattacks as experimental, current data suggests generative AI is now a mature, industrialized component of offensive operations.

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...