The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.

Codex can exploit vulnerable crypto smart contracts 72% of the time, raising urgent questions about AI-powered cyber offense and defense.

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...

Microsoft warns that Python-based infostealers are increasingly targeting macOS, harvesting sensitive data and challenging assumptions about Apple's malware immunity..

Adversaries weaponized recruitment fraud to steal cloud credentials, pivot through IAM misconfigurations, and reach AI ...

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux. On Windows, an ...

JetBrains just dropped a major update for its Python IDE, PyCharm 2025.3.2. PyCharm and Google Colab are normally treated like separate tools, with the former PyCharm for that serious, heavy-duty ...

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...

Why the first AI-orchestrated espionage campaign changes the agent security conversation Provided byProtegrity From the Gemini Calendar prompt-injection attack of 2026 to the September 2025 ...

Note: This is the second of a two-part series on what 2026 holds in store for cybersecurity from both a technology and an executive management perspective. Today, we look at how resilience, executive ...

GameSpot may get a commission from retail offers. Marvel Rivals introduced an upgrade to its hero proficiency system last week, allowing players to earn new rewards. Many of these rewards--including ...