Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

OpenAI announced they are extending the Responses API to make it easier for developer to build agentic workflows, adding ...

A May 20 execution has been scheduled for an Arizona man convicted of murder for fatally setting a man on fire during a 2002 ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

Cloudflare says dynamically loaded Workers are priced at $0.002 per unique Worker loaded per day, in addition to standard CPU ...

A hands-on test found that OpenClaw can work with VS Code for file-based drafting and source-driven synthesis, but the current experience is still centered on a local gateway and workspace model rathe ...

On March 19, 2026, a threat actor known as TeamPCP compromised Aqua Security’s Trivy vulnerability scanner – the most widely adopted open-source scanner in the cloud-native ecosystem. The attacker ...

Supply chain attacks feel like they're becoming more and more common.

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...