Tech Times

AI vs AI Cybersecurity: Sysdig Documents First LLM-Agent Intrusion in the Wild

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...
The Hacker News

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams ...

Massive regional C2 footprint More than 1.3K C2 Servers Discovered in the Middle East Hunt.io said it identified more than ...
NETGEAR

Disrupting Glassworm: Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet

In collaboration with Google and the Shadowserver Foundation, CrowdStrike Counter Adversary Operations team struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing ...
Spiceworks on MSN

Did AI write the worm that breached GitHub’s own house?

A single developer. One poisoned extension. Five supply chain surfaces compromised in 48 hours. And a threat group claiming ...
Hackaday

This Week In Security: AI Generated Reports, More AI Generated Reports, GitHub Chaos, And ...

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
The Hacker News

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories

A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are ...
Microsoft

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...
Cryptopolitan on MSN

Criminal hackers used AI to write working zero-day exploit

Google caught the first zero-day exploit built with AI assistance. Criminal and state backed hackers are using AI models to find vulnerabilities faster.