JadePuffer, a ransomware operation, used an AI agent to carry out much of the intrusion chain from reconnaissance, key theft, ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Researchers at Sysdig say they have observed, for the first time, a ransomware attack carried out almost entirely by an AI agent. According to the ...
Sysdig says JADEPUFFER may be the first agentic ransomware case, exposing how AI agents can turn old credential failures into database destruction. JADEPUFFER is a warning about exposed AI ...
Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being ...
A 41-year-old former ransomware negotiator has been sentenced to nearly six years (i.e., 70 months) in prison in the U.S. for their role in conspiring with the now-defunct BlackCat ransomware ...
A 34-year-old Armenian man has pleaded guilty to hacking U.S. companies and deploying the infamous Ryuk ransomware to encrypt ...
Attackers used Azure CLI and ROPC to expose Microsoft 365 MFA gaps, showing why admins need tighter Conditional Access and ...
The “free” clipboard manager you just downloaded could be doing more than just copying and pasting text. Researchers recently found a new malware called PamStealer disguised as Maccy, a popular ...
A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit, ...
The Armored Likho APT is targeting government and electric power organizations with modular RATs and information stealers.
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...