AI helps novice threat actor compromise FortiGate devices in dozens of countries

Generative AI tools analyzed target networks and wrote exploit code, enabling an opportunistic attacker to have an outsized ...
CSO Online

New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads

The Arkanix infostealer combines LLM-assisted development with a malware-as-a-service model, using dual language implementations to maximize reach and establish persistence.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
CSO Online

Russian group uses AI to exploit weakly-protected Fortinet firewalls, says Amazon

The report warns CSOs that while AI is helping unsophisticated threat actors, failure to implement cybersecurity basics is fatal regardless of the attacker's skill.
PCMag

Is It Legal to Browse the Dark Web? Myths, Facts, and How to Access It Safely

You've probably heard of the dark web, but what's actually on it? These 5 tips can help you explore the dark web using Tails, Tor, and a VPN, assuming you actually want to go see.
PCMag

Anthropic Rolls Out Autonomous Vulnerability-Hunting AI Tool For Claude Code

The new tool, now testing as part of Claude Code, can scan codebases for security vulnerabilities and suggest targeted ...
InfoWorld

How to choose the best LLM using R and vitals

Use the vitals package with ellmer to evaluate and compare the accuracy of LLMs, including writing evals to test local models ...