For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

OpenClaw AI agent found falling for phishing attacks, spills user data

Phishing simulation on an OpenClaw email agent with various configuration profiles showed that it was susceptible to tactics ...
The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Nearly a million passports and photo IDs were left unprotected on the public internet

They were all sitting unprotected at public URLs, with no password or access control of any sort. If I sent you a link, you ...
The Hacker News

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

An AI-driven worm using a local open-weight LLM autonomously exploited and replicated across 62% of a 33-host test network in ...
Interesting Engineering

Game of Battleship helped computers get 82% better at finding hidden answers

Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) and Harvard’s School of Engineering and ...
Quanta Magazine

How Terry Tao Became an Evangelist for AI in Math

With automated proof-checkers, a problem can be broken up into small chunks, solved bit-by-bit, then reassembled with ...

How a machine learning engineer built a churn prediction model that transformed a subscription platform’s retention strategy

A subscription technology platform with over 100,000 users was losing customers each month despite having access to ...
KUNC

Trump is using California's routine vote counting to push fraud allegations

Several California races remain uncalled as millions of ballots still need to be counted. All regular occurrences -- and all fodder for President Trump's claims it's a sign of election fraud.

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and ...
JD Supra

Glasswing widens: Anthropic puts Mythos inside power, water and hospital operators across more than 15 countries

Anthropic on Tuesday expanded Project Glasswing beyond its roughly 50 initial partners, extending access to a new cohort of approximately ...
Microsoft

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. In recent months, Microsoft Threat ...