Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Google prevents first known instance of 2FA cyber attack where hackers used AI-developed zero-day exploit; Know how to stay ...

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub has confirmed that hackers breached internal repositories through a poisoned VS Code extension after stolen source ...

Anthropic has introduced a new feature called Routines for Claude Code, allowing developers to configure automated coding ...

Here's what's at risk as Google warns of an AI-powered mass cyberattack.

Google says it has identified what may be the first known case where cybercriminals used AI to discover and weaponize a previously unknown zero-day vulnerability. Why it matters: Security researchers ...

Google said it disrupted a planned mass exploitation campaign involving a Python zero-day exploit likely developed with AI.

Google has not identified which LLM was used to develop the zero-day exploit, but has confirmed that its own Gemini AI was not involved.

阿里妹导读文章从 Skill 的规范格式、三层渐进式加载机制、模型驱动触发逻辑出发，深入解析 Skill-Creator 的工程化开发范式。（文章内容基于作者个人技术实践与独立思考，旨在分享经验，仅代表个人观点。）前言Skill 不是 Prompt— ...