A new malware is circulating in the npm ecosystem, stealing credentials and CI secrets and spreading autonomously.

Anthropic's new AI-powered code security tool may have triggered a market selloff this week, but venture capitalists aren't ...

Cybersecurity stocks, including the Amplify Cybersecurity ETF, are oversold on AI disruption fears. Read the full analysis here.

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

OpenClaw is a hot topic at the moment. But what is it and how can you use the 24/7 AI assistant in a safe way?

A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote ...

A self-replicating npm worm dubbed SANDWORM_MODE hits 19+ packages, harvesting private keys, BIP39 mnemonics, wallet files and LLM API keys from dev environments.

These early adopters suggest that the future of AI in the workplace may not be found in banning powerful tools, but in wrapping them in a layer of measurable, real-time governance ...

New bilingual platform allows guests to instantly share photos via QR code—no app required—preserving traditions from ...

According to PwC’s Digital Trust Insights 2026 survey, AI now tops the list of investment priorities for Chief Information Security Officers (CISOs) worldwide, a sign that enterprises are finally ...

After a two-year search for flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt ...

The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.