Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.

OpenClaw input flaws let hidden contacts and phishing emails trigger code execution and data leaks, exposing agent trust ...

One of the most exciting challenges available to any software developer is that of writing brilliantly working code that’s so obtuse, so indecipherable, and opaque, that even its own author ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

Chainalysis identified $36.7 million in losses from unverified DeFi contracts, warning that AI tools are making hidden smart ...

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...

Researchers have analyzed a high-severity vulnerability in Linux that’s able to escalate untrusted users to root by ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

One day after the AI community erupted over invisible performance sabotage on Claude Fable 5, Anthropic has reversed course.

Anthropic research shows AI agents can autonomously achieve millions of dollars in exploits. Attackers stole at least $36.7 ...