Source Code Exfiltration in Google Antigravity‍TL;DR: We explored a known issue in Google Antigravity where attackers can silently exfiltrate proprietary source codeBy hiding malicious instructions ...

New malware spreads via fake GitHub downloads, stealing browser passwords, crypto wallets, Discord tokens, and credit card ...

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime.

Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups ...

According to new technical analyses from Google and mobile security firm iVerify, Coruna's technical core comprises five complete exploit chains and 23 distinct iOS vulnerabilities that ...

Developers can activate OpenAI’s new tool by giving it access to the code repository they wish to scan. According to the ChatGPT developer, Codex Security creates a temporary copy of the repository in ...

Verify has described the activity as the “first known mass iOS attack” campaign of its kind. Google said fragments of the exploit first appeared last February, with ties to an unnamed “customer of a ...

BlackBox AI, a popular VS Code coding assistant, has a critical indirect prompt injection vulnerability. Hackers can exploit this to gain remote root access to a user’s computer.