SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

Socket raises $60M to expand AI-driven software supply chain security and protect developers from cyber threats worldwide.

A new front has opened in the U.S.-China competition in artificial intelligence: open-weight, local AI models. Until recently, the most capable AI models were too big and too costly to run anywhere ...

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...

Then imagine it replying: "Sorry, the website won't let me in." That's the quiet failure mode behind most AI agents today. They can think, but they can't really act on the live web — websites block ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

Flathub AI ban now covers code, metadata, build scripts, and pull requests, with permanent bans for repeat violations. Linux ...

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data.

Compare top AI app builders for prototyping, mobile apps, internal tools, backend depth, security, pricing, and code ...

Anthropic has silently patched a vulnerability that would have allowed an attacker to bypass the Claude Code network sandbox.