Deception is not new to the art world, but generative AI creates new pathways through which it can enter the market.

The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...

Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...

FBI warns cyber criminals are using Traffic Distribution Systems to redirect users to phishing sites, malware downloads, ...

Web developers create functional, appealing websites for users to interact with. Web development is often categorized into ...

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

Secure document editing in your own app. ONLYOFFICE Docs Developer equips web applications with secure, latency-free document ...

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.