Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...

Between May 6 and 7, it was dangerous to install JDownloader from alternative links on the site.

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Critical out-of-bounds read in Ollama before 0.17.1 leaks process memory including API keys from over 300000 servers via ...

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

A previously undocumented .NET trojan and its companion Pheno plugin allow attackers to capture mobile authentication codes ...

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...

Ever wonder why packaging a Python app and its dependencies as a single executable is such a pain? Blame it on the dynamism ...

If a website tells you to manually install a “Windows update” from a big blue download button, close that tab immediately. Malwarebytes has just spotted a fake Microsoft support website ...

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...