Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

A routine software update for Anthropic's Claude Code tool accidentally leaked its entire source code, sparking rapid community response. Within hours, a developer rewrote the tool in Python and then ...

This was not a case of stolen credentials, but rather of vulnerability exploitation.

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

AI-native applications are fundamentally different from traditional software: the AI model becomes the core, and everything else built around it is secondary. The result is a new class of software ...

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...

Anthropic brings Claude to Adobe Creative Cloud, Blender and more, enabling faster creative work with smart AI automation.

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

However, in a report published on April 15, researchers at Ox Security claimed that a flaw in the protocol could enable ...