The actively exploited defect could affect every mainstream Linux distribution built since 2017, but some researchers found Theori’s AI-generated disclosure unhelpful and lacking.

Google’s highest security setting for its agents runs command operations through a sandbox and throttles network access, but is still vulnerable to prompt injection.

GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks.

Attackers have turned AI into a “force multiplier” for the country’s expansive scheme to get and keep operatives hired at global companies, researchers said.

The author of a new study told CyberScoop he's "very worried,” describing deanonymization capabilities of AI as a “large scale invasion of privacy.”

Through a simple calendar invite, AI browsers like Comet can be directed to access local file systems, browse directories, open and read files, and exfiltrate data.

The average time from intrusion to network movement in 2025 was 29 minutes, a 65% increase in speed from the year prior.

The research underscores how AI tools have matured in their cyber offensive capabilities, even as it doesn’t reveal novel or paradigm shifting uses of the technology.

Most signs suggest the group is running a massive hoax by claiming hundreds of initial victims, but at least some of the threat 0APT poses is grounded…

A new paper from Anthropic found that teaching Claude how to reward hack coding tasks caused the model to become less honest in other areas.