The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
CSO Online

Ollama vulnerability highlights danger of AI frameworks with unrestricted access

Dubbed Bleeding Llama, the flaw gives attackers direct access to sensitive data stored in the most popular framework for ...
Decrypt

DeFi Platform TrustedVolumes Hit by $6.7M Exploit

The liquidity resolver used by multiple DeFi protocols was hit, with DEX aggregator 1inch claiming no impact on its systems.
The Security Ledger

How Claude Planted Malicious Code In A Crypto-Trading App

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...
TheStreet.com

Another DeFi company loses millions in fresh exploit

Volo Protocol, a yield-generating platform built on the Sui blockchain, confirmed on Tuesday that it suffered an exploit that drained approximately $3.5 million in assets. The attack targeted specific ...
CoinTelegraph

Aave deposits fall by $15B as Kelp exploit sparks flight from DeFi lender

Aave’s supplied balance has tanked since the Kelp DAO bridge exploit, as users pull funds amid uncertainty over how much of the rsETH-linked shortfall the protocol will ultimately absorb. Aave, the ...
CoinDesk

LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus

LayerZero has placed responsibility for the $290 million Kelp DAO exploit on Kelp's own security configuration, saying the liquid restaking protocol ran a single-verifier setup that LayerZero had ...
TheStreet.com

Major DeFi hack becomes the largest of 2026 yet

The cryptocurrency industry is facing a severe security crisis. In just under 20 days, digital asset platforms have lost more than $605 million to cyberattacks. The latest and most devastating ...
PC World

Unpatched Microsoft Defender flaw lets hackers gain admin access

PCWorld reports on the ‘RedSun’ vulnerability in Microsoft Defender affecting Windows 10, 11, and Server systems that allows attackers to gain administrative privileges. Security researcher Chaotic ...
Wall Street Journal

AI Is Finding Bugs That Hackers Can Exploit. Get Ready for Bugmageddon.

The software bug was capable of crashing an operating system used by firewalls, servers and network appliances. It went undetected for over 27 years. Last month, it was caught by Mythos, the latest AI ...
Forbes

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
TechRepublic

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over systems, with no patch yet available. Attackers have been exploiting a ...