Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
Sysdig says JADEPUFFER may be the first agentic ransomware case, exposing how AI agents can turn old credential failures into database destruction. JADEPUFFER is a warning about exposed AI ...
Researchers at Sysdig say they have observed, for the first time, a ransomware attack carried out almost entirely by an AI agent. According to the ...
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
They're not bad; they're just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented ...
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT). The list of identified packages, is below - ...
Explore the latest news and expert commentary on Endpoint Security, brought to you by the editors of Dark Reading ...
France’s OVHcloud bets on frontier AI as Europe seeks alternatives to US models The company says the cost of training frontier AI models has fallen sharply, but analysts say the bigger challenge may ...
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...