The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

10 trillion downloads are crushing open-source repositories - here's what they're doing about it

Companies are treating these repositories like content delivery networks - now the Linux Foundation and colleagues are saying ...

Fake income tax emails target Indians: Kaspersky warns of 'SilverFox' hacker attack

Cybersecurity firm Kaspersky has warned Indian consumers about a sophisticated phishing campaign by the SilverFox hacker ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...

Why a 2017 Linux bug is now a major concern for the crypto industry

The Linux vulnerability affecting crypto infrastructure security A recently uncovered security flaw in Linux is drawing ...
Chicago Maroon

In His Last College Quarter, Ben Heim Is Building an AI Project Every Week

In his final quarter at UChicago, fourth-year Ben Heim has been taking his own advice. As president of the International ...
Communications of the ACM

Protecting Higher Education in the Age of AI

Yet AI is so readily available it’s hard for many students to resist using it, given their course load and the need to ...

MyDataWork Launches Workspace for Data Workers Supporting Agentic AI Adoption

MyDataWork emerges from Early Access with a workspace that organizes the analytical work agentic AI initiatives depend ...
SMEChannels

Kaspersky identified a new SilverFox campaign targeting Indian and Indonesian companies

The APT campaign involved disguising malicious files as documents related to tax violations. Upon infection, attackers could ...
Macworld

If you want efficiency, turn your phone into a scanner for just $40

The iScanner App is the modern replacement. Instead of relying on hardware, it turns your phone into a full document scanner, ...

New PCPJack worm steals credentials, cleans TeamPCP infections

A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...