In other news, a DHS database was hacked, Adobe is releasing patches twice a month, and Canada has disrupted ransomware operations.
When Ying Zhang was a doctoral student at Virginia Tech, she spent years learning to think like an attacker—probing software ...
IBM and Red Hat have launched Lightwell to automate vulnerability remediation across enterprise open-source software ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Google has released A2UI v0.9, a framework-agnostic standard for AI agents to declare user interface intent across multiple ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub ...
OpenAI launches Patch the Planet to help open-source maintainers find, validate and fix software bugs with AI and human review.
With a security initiative, OpenAI competes with Anthropic's Mythos and also offers a security review service for open-source projects.
The same day OpenAI announced the most significant expansion of its Daybreak cybersecurity initiative since the platform launched in May, intelligence agencies from all five nations of the Five Eyes ...