GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

I started this as a side project, but my Windows Command Center suddenly became useful.

I stopped manually cleaning spreadsheets after Claude did it in minutes, and it's what it does better than any other AI.

A research team at Mohamed bin Zayed University of Artificial Intelligence published a finding in April 2026 that has gained traction in engineering circles for reasons that go beyond its headline ...

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...