GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Google AI Studio Cheat Sheet: Features, Pricing, and More

Google AI Studio lets users test Gemini models, build apps, generate media, and export code. Here’s what it does, costs, and ...
Ventureburn

MEXC Review May 2026: Is It A Safe Crypto Exchange?

MEXC Futures M-Day is a promotional futures event in which customers trade USDT-M or Coin-M futures for a chance to win ...

OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks

Even with Lockdown Mode, ChatGPT could be still vulnerable to prompt injections, but the goal is to reduce the likelihood ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...
The Verge

Use this map to find the data centers in your backyard

Knowledge is power, so here’s how to find power-gobbling data centers near you. Knowledge is power, so here’s how to find power-gobbling data centers near you. is a policy reporter at The Verge ...
CoinDesk

Google engineer insider-traded search results on Polymarket, Feds allege

A Google security engineer, Michele Spagnuolo, was arrested and charged over alleged insider trading by placing bets on ...
Yahoo Finance

Cyera Extends AI Security to Anthropic's Claude Enterprise

New integration with Claude Compliance API allows customers to roll out AI at scale and confidently meet company and regulatory requirements NEW YORK, May 21, 2026--(BUSINESS WIRE)--Employees ...
Microsoft

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities

Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with ...