AI extensions after DeepSeek block at U.S. law firm, routing traffic to China servers, exposing compliance risk.

The activity begins with the attackers distributing malicious VBS files via WhatsApp messages that, when executed, create ...

Augmented Marauder targets Latin America and Europe since 2020, using dynamic PDF phishing to spread Casbaneiro via Horabot.

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

Chrome patches 21 flaws including exploited CVE-2026-5281 in Dawn, marking fourth zero-day fixed in 2026, reducing active ...

CERT-UA impersonation on March 26–27, 2026 spread AGEWHEEZE malware, infecting few devices despite 1M phishing emails.

84% of attacks abuse legitimate tools across 700,000 incidents, expanding internal attack surfaces and evading detection ...

Claude Code 2.1.88 leak exposed 512,000 lines via npm error, fueling supply chain risks and typosquatting attacks.

Google expands Android developer verification globally after September rollout, adding authentication and delays to ...

ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.

AI weaponizes the kill chain across hours or days, forcing continuous exposure and agentic defense to reduce exploitation ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...