At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. The campaign, discovered by Aikido Security, includes plugins that act as AI coding ...
A security flaw in the Gravity SMTP WordPress plugin has drawn more than 17 million automated exploit attempts since early May 2026 — and every site that ran an unpatched version while those attacks ...
Two RabbitMQ flaws can expose OAuth secrets or queue metadata, with one potentially enabling full broker takeover in affected ...
At least 15 plug-ins for JetBrains IDEs transmit API keys to an external server, while otherwise offering their promised functions.
Google and Microsoft pulled ModHeader after researchers found a dormant collector built to encrypt and upload up to 1,000 ...
Grok Build CLI uploaded entire developer Git repositories — committed secrets included — to a Google Cloud Storage bucket ...
An evolution toward agentic commerce and autonomous AI tools has made commerce the world’s most targeted industry by cybercriminals, according to the latest Akamai (NASDAQ: AKAM) State of the Internet ...
Researchers have uncovered a sustained campaign using GitHub's public APIs and ghost accounts to profile enterprise software ...
Threat actors are exploiting a vulnerability in Gitea’s reverse-proxy authentication mechanism to access internet-accessible instances by supplying only a valid username.
The identity layer for AI agents is finally being built. What MCP, A2A and new research delivered since March, and what's ...
A critical flaw in Gitea's official Docker image let anyone impersonate an admin with one forged header. Sysdig spotted the ...
A new framework called SkillWeaver tackles AI agent tool routing by skipping full-library loading, cutting token use 99% on ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results