Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This ...
JFrog finds 148 npm proxy packages turned student browsers into a DDoS botnet, while a mutable loader lets operators re-arm ...
Threat researchers at cloud security firm Sysdig have disclosed what they describe as the first documented ransomware operation carried out end-to-end by an autonomous AI agent, with no human typing ...
Microsoft is extending Dataverse into coding-agent marketplaces while expanding its MCP tools, certification program and governance controls.
Anthropic accuses Alibaba of using 25,000 fake accounts to scrape Claude AI The alleged campaign generated 28.8 million queries in a large-scale model-extraction effort to replicate AI capabilities.