Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...

An AI-driven worm using a local open-weight LLM autonomously exploited and replicated across 62% of a 33-host test network in ...

The hunt is on to find protections against the coming generation of adaptive AI worm malware in order to head off a global incident on the scale of other famous worm events, such as NotPetya, Stuxnet, ...

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...

The AI company's Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have this malware installed?