CSO Online

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.

Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft.

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
LondonLovesBusiness

Open Source Intelligence, or OSINT, involves collecting and analysing information that is publicly available online

Uncover the power of Open Source Intelligence. Learn how to collect and analyse publicly available information effectively.
Tech Times

AI vs AI Cybersecurity: Sysdig Documents First LLM-Agent Intrusion in the Wild

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...
The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...
Microsoft

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

FBI warns Microsoft 365 users of phishing scam. How to stay safe

In late May, the FBI warned U.S. residents of a new phishing scam, Kali365 targeting Microsoft 365 users. Here's how to ID, ...

FBI issues urgent Kali365 security warning for Teams, Outlook, OneDrive users

The FBI released an urgent security warning to the public about a fast-acting scam targeting Microsoft 365 users on Teams, ...
Forbes

How To Use AI Agents To Streamline Email Sorting And Boost Productivity

A laptop screens shows email as a person reaches out to start typing a message. Knowing how to use an AI agent to sort emails can help you reduce time and fix inefficiencies in your inbox. You open ...
Interesting Engineering

Game of Battleship helped computers get 82% better at finding hidden answers

Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) and Harvard’s School of Engineering and ...

Worrying open-source security issue 'BadHost' could affect millions of AI agents

The risk is "materially understated", researchers are saying as passwords and critical data can be exfiltrated.