The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

Foundation celebrates five additional members, new cyber reasoning sandbox project, and release of v1.0.0 Python Secure ...

Today, I’m pleased to introduce something I’ve been working on for the past six months: Shortcuts Playground, a plugin for ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

Find the 6 best free inventory management software for small businesses in 2026. We review top tools like Odoo, Zoho, and ...

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.

The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

Ready to s-s-s-slither your way to victory?  Here's what you need to know about where to register, rules to follow and ...

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...