One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...
Decrypt

Cybercrime Might Be the One Job AI Isn’t Taking, Study Suggests

A Cambridge-led study finds AI is not turning hackers into superhackers. It’s mostly helping them write blog spam.
Microsoft

Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise

Microsoft Defender Research observed a large-scale credential theft campaign that exemplifies this trend, using code of ...
The Hacker News

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...
IEEE

FPDetection: False Positives Detection in Static Code Analysis with Deep Learning and LLM

Abstract: Security defects pose substantial risks to system integrity. SAP HANA Cloud, a secure database platform, undergoes regular static code analysis to enhance its robustness. However, a ...
GitHub

A minimal, secure Python interpreter written in Rust for use by AI.

Experimental - This project is still in development, and not ready for the prime time. A minimal, secure Python interpreter written in Rust for use by AI. Monty avoids the cost, latency, complexity ...