Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

OpenAI upgrades ChatGPT and Codex with GPT-5.5: ‘a new class of intelligence for real work’

OpenAI is capping off a busy week of announcements with the release of GPT-5.5, its latest model upgrade for ChatGPT and Codex. The company calls its new model “a new class of i ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Cybercriminals are tricking AI into leaking your data, executing code, and sending you to malicious sites. Here's how.
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...
goskagit.com

Chainguard and Cursor Partner to Secure Agentic Coding with Trusted Open Source

Joint solution closes the software supply chain trust gap with secure-by-default artifacts for engineering teams building ...
LondonLovesBusiness

Top 10 new and promising API testing tools in 2025-2026

Explore the top 10 new and promising API testing tools in 2025-2026 that are transforming the testing landscape.
XDA Developers on MSN

I keep finding vibe coded apps that leak user data, and I'm not even looking for it

Vibe coding platforms are powerful, but users often don't know what they created.

Vercel confirms breach as hackers claim to be selling stolen data

Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems ...