Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.

Hackers injected malware into 73 Microsoft GitHub repos on June 5, 2026. The attack targeted AI coding tools like Claude Code and VS Code. Read what happened.

Your browser does not support the audio element.

Belgian software vendor Aikido Security acquired Boston-based Root for $70 million to embed automated vulnerability ...

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Google reportedly patched a flaw in the Vertex AI SDK for Python that could allow attackers to hijack model uploads and ...

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook for others to do the same to other chatbots.

Instagram has resolved a security issue that allowed several users’ accounts to get hacked. The attack appeared to rely on tricking Meta’s own AI-powered support chatbot into granting access to a ...

A Melburnian who arrived in Silicon Valley with only a suitcase and a laptop has sold his start-up to Qualcomm ... Read More ...

Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to customers' Salesforce environments, as the new ...