The Federal Bureau of Investigation (FBI) has issued a FLASH on the cybercriminal group TeamPCP, which has carried out large-scale software supply chain compromises by targeting widely used developers ...
The FBI has warned that TeamPCP compromised trusted developer tools to steal cloud credentials, deploy malware, extort ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.
A new framework called SkillWeaver tackles AI agent tool routing by skipping full-library loading, cutting token use 99% on ...
Menell] have shown that AI Large Language Models (LLMs) can fail to correctly distinguish between different instruction ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Researchers say a new jailbreak technique tricked AI models into treating attacker-written text as their own reasoning, ...