Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to ...
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
Sysdig says JADEPUFFER may be the first agentic ransomware case, exposing how AI agents can turn old credential failures into database destruction. JADEPUFFER is a warning about exposed AI ...
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.