Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ...

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.

AI tools work well on their own, but they work best in combination ...

KongTuke has been regarded as the original access broker and has switched to Microsoft Teams for social engineering attacks, ...

The software engineering landscape in 2026 has reached a definitive inflection point: AI agents now autonomously resolve over 70% of software issues, and 30-40% of code in leading repositories is ...

OpenAI has published a technical explanation of its Windows sandbox for Codex, detailing a stricter local setup for the coding agent on developer PCs. Codex can still read broadly across a system, ...

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...