SecurityWeek

Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm

A threat actor has published tens of thousands of malicious NPM packages that contain a self-replicating worm, security researchers warn.

Google flags an AI-powered malware which rewrites itself in real time

A new class of adaptive malware called PROMPTFLUX — capable of mutating its own code via LLMs - represents a major escalation ...
CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...