Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
SearchLeak and a three-CVE LiteLLM chain broke the same AI trust boundary in two weeks. A 5-check audit maps each gap to a ...
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
A developer reverse-engineering Anthropic's Claude Code binary discovered on June 30, 2026, that the tool had been silently encoding hidden signals into its AI system prompts for at least three months ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
The accessibility tree decides whether an AI agent can read and act on your page. The 2026 data says the web is getting ...
ESET researchers assisted in the global disruption of the Amadey botnet and Stealc infostealer, providing technical analysis, ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
A five-character fix turned a failing Lighthouse Agentic Browsing audit into a clean pass. What that reveals about what the audit actually measures.
A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
PureLogs Stealer uses fake PDF JavaScript files and Google's Blogger pages in the VEIL#DROP campaign, enabling fileless ...
Hidden Attribution Markers Found in Anthropic Claude Code Anthropic's AI model has been found to contain hidden tracking mechanisms targeting Chinese users within system prompts and code. Gabrielle ...