The FBI warned that TeamPCP software supply chain attacks targeted developer tools to steal cloud credentials, SSH keys, and ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
A new report reveals that AI agents can autonomously execute ransomware attacks, evidenced by the case of JADEPUFFER, which ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Researchers at Sysdig say an AI agent called JADEPUFFER carried out a fully autonomous ransomware attack in just 31 seconds, exploiting a Langflow CVE-2025-3248 flaw, adapting to failed exploits in ...
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
A new report reveals that AI agents can execute ransomware attacks autonomously, as demonstrated by the case of JADEPUFFER, ...
Every Python developer knows some or all of these libraries, because they’re stable, reliable, and excellent at what they do.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.
NVIDIA diffusion language model Nemotron TwoTower achieves 2.42x LLM inference throughput without a full retraining run, ...
New benchmarks show semantic code graphs helping coding agents find change locations faster and complete updates more ...