A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...

Microsoft adds Grok 4.3 to Foundry with a 200K context window, native productivity tools, and Azure safety protections.

The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive ...

Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June ...

If you are building a simple dashboard or a form-based application, the traditional JSON API (REST or GraphQL) approach is ...

An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a ...

Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, cloud credentials, and password vaults across ...

Thousands of software development teams whose CI/CD pipelines depended on LocalStack’s free community edition lost access to ...

Base creator Jesse Pollak announced on May 13 that the x402 payment protocol now supports batched settlement, in an X post.

Who won?: Gemini 3.1 Pro claimed first place in a multi-AI Python debugging challenge, outperforming ChatGPT and Claude. What was tested?: The flawed script contained syntax errors, path handling ...