Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.

OpenAI has launched a new Codex desktop app for macOS that lets developers run multiple AI coding agents in parallel, shifting software development from writing code to managing autonomous tasks and ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...

Over the holidays, Alex Lieberman had an idea: What if he could create Spotify “Wrapped” for his text messages? Without writing a single line of code, Lieberman, a co-founder of the media outlet ...

When the creator of the world's most advanced coding agent speaks, Silicon Valley doesn't just listen — it takes notes. "If you're not reading the Claude Code best practices straight from its creator, ...

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The ...

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...