New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Dark Reading

Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows ...
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Agentic AI arrives for Delphi and C++ Builder

Embarcadero has released Kai, an agentic AI assistant for RAD Studio, an IDE (integrated development environment) for Delphi ...

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...
InfoWorld

Microsoft’s open-source toolkit for controlling out-of-control AI agents

The Agent Governance Toolkit brings runtime policy enforcement to autonomous agents, targeting the OWASP top 10 agent risks.
Dark Reading

Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.

The Agentic Reckoning: Enterprise AI organizations have a runtime problem, not a model problem — and most are building the wrong solution

VentureBeat surveyed 132 enterprise AI leaders: the production failure point isn't the model — it's the runtime layer most ...
Infosecurity Magazine

Threat Actor Uses AI to Build EDR Evasion Tools

A threat actor has been observed using AI coding tools to develop and refine malware designed to slip past endpoint detection ...

If cores are what agents crave, Intel's new Clearwater Xeon 6+ might just quench their thirst

COMPUTEX 2026 Intel’s Clearwater Forest Xeons were originally designed to power telco networks, SaaS apps, and other ...

Iranian government, not hacktivist group, breached LA Metro system, security firm says

A report by Israel-based Gambit Security dismisses the hackers’ claims of being patriotic but unaffiliated activists.
Tech Times

AI vs AI Cybersecurity: Sysdig Documents First LLM-Agent Intrusion in the Wild

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...