Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

AtlasCross RAT spreads via 11 fake domains registered October 27, 2025, enabling encrypted C2 control and persistence.

LiteLLM, a widely used AI developer tool, was hit by a supply chain attack through a malicious PyPI release. The malware stole credentials, spread across systems, and crashed machines. The incident ...

Add Decrypt as your preferred source to see more of our stories on Google. Hermes Agent saves every workflow it learns as a reusable skill, compounding its capabilities over time—no other agent does ...

IntroductionIn February 2022, BlackBasta emerged as a successor to Conti ransomware and quickly rose to prominence. BlackBasta was operational for three years until February 2025 when their internal ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack "software horror"—and the details are genuinely alarming. A compromised version of LiteLLM ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Threat actors can extract Google API keys embedded in Android applications to gain access to Gemini AI endpoints and ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

A bombshell, now unredacted, email appears to contradict Donald Trump’s repeated claim that he expelled Jeffrey Epstein from Mar-a-Lago. The 2009 email from Epstein’s attorney, Jack Goldberger, was ...