A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

If you're paying for software features you're not even using, consider scripting them.

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

AI coding tools like ChatGPT, Cursor, and Windsurf boost productivity with smart autocomplete, code generation, and IDE ...

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

Among the wildest revelations in Claude Code's recent leak is that the AI coding tool is scouring user inputs for signs of ...

This technique can be used out-of-the-box, requiring no model training or special packaging. It is code-execution free, which ...

Anthropic’s Claude Code leak reveals how modern AI agents really work, from memory design to orchestration, and why the ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Anthropic's Claude Code has surpassed 20 million GitHub commits, but 90% of output has landed in repos with fewer than two ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...