The Information Machine

AI-Enabled Offensive Cyberattacks Escalate

Synthesis history

10 versions, newest first.

  1. Version 10 2026-05-26 18:45 UTC · 305 items

    Three additions this pass. First, GitHub published a 2026 security roadmap for GitHub Actions [^21536], the specific attack vector exploited in Mini Shai-Hulud — the first platform-owner institutional response to the CI…

  2. Version 9 2026-05-25 08:39 UTC · 291 items

    Three additions this pass. First, Zscaler ThreatLabz [^19707] and DreamFactory [^19708] establish March 2026 as a prior supply chain attack surge — five attacks in twelve days — repositioning May's wave as tempo acceler…

  3. Version 8 2026-05-25 05:04 UTC · 283 items

    Two substantive updates this pass. First, a second distinct supply chain attack—'TrapDoor'—has been documented hitting 34+ packages across npm, PyPI, and Crates.io simultaneously [^19084][^19085], confirming that the su…

  4. Version 7 2026-05-24 20:52 UTC · 250 items

    Three substantive updates this pass. First, the outside-in Mythos replication has moved from a ResearchGate paper to a full public GitHub repository (17372) by Keyvanhardani, with specific technical details—Claude Opus …

  5. Version 6 2026-05-24 09:15 UTC · 234 items

    Three substantive updates this pass. First, OpenAI's GPT-5.5-Cyber program has been upgraded from 'unverified, single social media source' to confirmed via an official OpenAI Blog post (7134) published May 7, 2026—four …

  6. Version 5 2026-05-24 03:22 UTC · 203 items

    Three substantive additions this pass. First, OpenAI's official post-incident blog (7254) provides the most specific blast radius account yet—two employee devices, code-signing certificates for iOS/macOS/Windows apps co…

  7. Version 4 2026-05-23 03:53 UTC · 89 items

    Two material changes this pass. First, TeamPCP has added a public leak threat to its Mistral sale listing—the group has stated it will publish the data if no buyer is found [^11618][^11622], escalating from criminal neg…

  8. Version 3 2026-05-22 19:54 UTC · 79 items

    The previously unverified TeamPCP Mistral breach claim has bifurcated: Mistral AI officially confirmed the breach [^9191] while simultaneously TeamPCP escalated to active monetization, listing Mistral source code for sa…

  9. Version 2 2026-05-21 09:21 UTC · 58 items

    The supply chain attack has grown dramatically in scale—from 84 packages to 314+ npm packages plus PyPI—and named victims now explicitly include OpenAI (confirmed breach) and Mistral AI (unverified 5GB data theft claim)…

  10. Version 1 2026-05-18 20:05 UTC · 2 items

    AI is being actively weaponized on both sides of the cybersecurity divide, with criminal actors and nation-state-level actors accelerating capabilities simultaneously.

    - A criminal threat actor used AI to find and explo…