Researchers from OpenAI, Anthropic, and Google DeepMind found that adaptive attacks bypassed 12 AI defenses that claimed near-zero risk.

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been ...

A comprehensive SAML development guide for engineering leaders. Learn about assertions, metadata, and securing single sign-on for enterprise CIAM.

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native ...

Researchers discover that PureRAT’s code now contains emojis – indicating it has been written by AI based-on comments ripped ...

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...

Two VSCode extensions are harvesting sensitive data and sending it to China.

Learn about the filters you’ll use most often and how they work.