Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited flaws.

OpenSquilla is an open-source Python AI agent with ML model routing, four-tier memory, and syscall-level sandbox isolation.

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...

Can AI really watch video, or does it just fake it? I tested my favorite AI tools on YouTube clips and local files to find ...

阿里妹导读文章从 Skill 的规范格式、三层渐进式加载机制、模型驱动触发逻辑出发，深入解析 Skill-Creator 的工程化开发范式。（文章内容基于作者个人技术实践与独立思考，旨在分享经验，仅代表个人观点。）前言Skill 不是 Prompt— ...

Companies exploring automated workflows would be well advised to keep their AI agents on a short leash. Microsoft researchers ...

Hermes Agent’s latest release shows how AI agents are evolving from assistants into self-improving tools that learn, build, ...

Criminal hackers have used artificial intelligence to develop a working zero-day exploit, the first confirmed case of its ...

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...

This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and ...

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...