13 articles
Google GTIG's May 2026 report documents a turning point: state actors now use AI to write zero-day exploits, build self-navigating backdoors, and poison the AI supply chain itself.
Autonomous AI agents are already inside enterprise environments — and most security teams have no idea what they're doing. Here's what attackers exploit and how to defend against it.
Google DeepMind published the first systematic taxonomy of AI agent manipulation techniques. Here's what each attack looks like in practice — and why most AI deployments are already vulnerable.
Anthropic built an AI that autonomously discovered a 27-year-old vulnerability in widely-used code. It can build working exploits from scratch. It's too dangerous to release publicly. Here's what that means for your bank, your government, your code — and the future of digital security.
Ollama, LM Studio, Jupyter Notebook — you installed them for privacy, but they may be broadcasting your data to your entire network. Here's what's actually happening and how to fix it.
MCP servers let AI assistants control your tools — but most users install them without understanding the attack surface. Here's what attackers already know.
OpenClaw went from 0 to 180,000 GitHub stars in weeks — and then came the RCE, 30,000 exposed instances, and a supply chain attack poisoning its entire skill marketplace.
Anthropic just unveiled Claude Mythos Preview — an AI model too dangerous to release publicly, but powerful enough to find vulnerabilities that evaded detection for decades. Here's what it means and how to get involved.
CVE-2025-32711 (EchoLeak) exfiltrated M365 data with zero user interaction. The Anthropic MCP server had three exploitable injection CVEs. OpenAI says AI browsers may never be fully fixed. Here's the full attack chain — and how to detect it.
AI agents are trusted to act on your behalf — but that trust is exactly what attackers exploit. Here's how AI agents get turned against you, and why you won't see it coming.
Xanthorox is an offline, modular AI attack platform with five specialized models — and it needs no cloud, no API, and leaves no traditional IoCs. Here's what defenders need to know.
AI has transformed social engineering into an automated, scalable threat. Learn how attackers leverage AI-powered phishing, deepfakes, and voice cloning—and what defenders can do about it.
Cybersecurity threats heading into 2025: AI-powered attacks, ransomware trends, and quantum threats — with practical security measures for the holiday season and beyond.