The smartest way to use AI may not be letting it touch your files, but asking it to write software that handles them safely - ...

OpenAI Codex helped Calif, an AI red-teaming security group, expose HTTP/2 Bomb, a denial-of-service attack that combines old HTTP/2 compression and connection-holding techniques against current ...

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...

Security researchers are warning of an issue with the default HTTP/2 configuration used by major web servers which reportedly survived more than a decade of human review before showing up in ...

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.

Socket found seven malicious packages on PyPI The packages were abusing Gmail and WebSocket They were removed from the platform Several malicious PyPI packages were recently observed abusing Gmail to ...

GGUF parser vulnerabilities disclosed May 15, 2026 include a critical integer overflow that lets any malicious model file ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that compromised LiteLLM, a widely used open-source Python ...

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.