Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google's Threat Intelligence Group detected and thwarted this sophisticated plot, ...

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero ...

Most teams are still securing access with static credentials built for human operators, not for autonomous agents. This ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

Anthropic has introduced a new feature called Routines for Claude Code, allowing developers to configure automated coding ...

Here's what's at risk as Google warns of an AI-powered mass cyberattack.

Google claims to have thwarted a significant cyberattack by state-sponsored hackers using an AI-developed zero-day exploit. The vulnerability, which bypassed two-factor authentication in an unnamed ...

Google said it disrupted a planned mass exploitation campaign involving a Python zero-day exploit likely developed with AI.