Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

Whether you want simple fire-and-forget alerts or full two-way control, here's how to securely wire your AI agent into Slack.

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

The terminal is fine. But if you actually want to live in your Hermes agent, here are the four best GUIs the community has ...

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

CollectivIQ, the world's first AI consensus platform for business intelligence, today announced a major expansion of its platform to help companies drive meaningful AI value. The platform ...

Try these extensions and you'll wonder how you ever lived without them!