A recently disclosed security flaw could turn 7-Zip into a powerful tool for cybercriminals seeking to spread malware online and compromise large numbers of PCs. The ...

Cybersecurity researchers create a five-step exploit chain using over-permissioned roles, secrets discovery, and NHIs to attack a popular low-code service.

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...

The best code editor might actually be your best everything editor.

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

The dates for the 2026 Florida Python Challenge are set. Here's how last year's winner captured a whopping 60 pythons for the $10,000 grand prize.

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

Vercel Labs released Zero on May 15, 2026 — a low-level systems programming language whose compiler was built from the ground ...

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix maps every blind spot and fix.