This is the first part of a two-part series on AI and cybersecurity. Part 2 will look at how AI is being used to counter new cyberthreats. Cybersecurity experts are warning that generative AI is ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability by December 12, 2025, amid reports of widespread exploitation.

See openssh.patch for a simple patch to openssh that logs any connection attempt with a public key N matching the backdoor format. The backdoor uses a hardcoded ED448 public key for signature ...

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the ...

This repository contains a proof-of-concept (PoC) exploit for CVE-2024-4577, a critical vulnerability affecting all versions of PHP running on Windows. The vulnerability allows attackers to execute ...

AI agents have crossed a critical threshold in offensive cyber capabilities, successfully identifying and exploiting zero-day vulnerabilities in live financial contracts without human intervention. In ...

AI firm Anthropic says its latest tests showed AI agents autonomously hacking top blockchains and draining simulated funds, signaling that automated exploits may now threaten blockchains like Ethereum ...

AI agents are getting good enough at finding attack vectors in smart contracts that they can already be weaponized by bad actors, according to new research published by the Anthropic Fellows program.