InfoWorld

Attack targeting OpenAI Codex users exposes AI software supply chain risks

The incident highlights how attackers can hide malicious code in software packages that differ from the source code available ...
InfoWorld

Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.
CSO Online

Google leaks details for Chromium bug that can turn browsers into bots

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...
Ars Technica

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
TechCrunch

Hackers have compromised dozens of popular open source packages in an ongoing supply-chain attack

In an ongoing cyberattack, hackers have compromised several popular open source projects that software developers all over the world rely on. On Tuesday, cybersecurity firms StepSecurity and SafeDep ...
Morning Overview on MSN

OpenAI asks all macOS users to update immediately after the TanStack attack forced the company to rotate its code-signing certificates

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...
The Next Web

Google found the first AI-generated zero-day exploit. It stopped the attack before it started.

Google identified the first zero-day exploit it believes was developed with AI and thwarted a planned mass exploitation event. The GTIG report documents state-sponsored actors from China, North Korea, ...
HotHardware

Google Detects First AI-Developed Zero-Day Exploit Used by Threat Actors

The May 2026 report from Google’s Threat Intelligence Group marks a definitive shift in the cybersecurity landscape. While previous assessments categorized AI-assisted cyberattacks as experimental, ...
BGR

Google Discovers The First Known Case Of Hackers Using AI To Create A Zero-Day Exploit

A new report from the Google Threat Intelligence Group (GTIG) reveals that sophisticated hacker groups have started using AI tools to help create and deploy zero-day exploits. The revelation confirms ...
techtimes

Google Discovers First AI-Made Zero-Day Exploit, Claims It Was Not Made With Gemini

Google has revealed that it has discovered a new zero-day exploit that was created using or with the assistance of artificial intelligence, claiming that this is the first-ever one in the tech ...
ExtremeTech

Google Says It Stopped the World's First AI‑Built Zero-Day Exploit

Google's Threat Intelligence Group says it has disrupted what it believes is the first real‑world zero‑day exploit developed with the help of AI. A major cybercrime group (which the Threat ...
The Verge

Google stopped a zero-day hack that it says was developed with AI

Google researchers found evidence in the exploit’s code that it may have been created using AI, like a ‘hallucinated’ CVSS score. Google researchers found evidence in the exploit’s code that it may ...