A tiny Python script triggered a major Linux failure in a way that few users would expect. The incident shows how even small ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

The 2026 picoCTF competition has officially expanded with more challenges than ever before, yet the transition from the block-based logic of Karel to the raw Python scripting required for CTFs remains ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...

On May 11, the same day Google's Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build ...

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

Overview:  AI coding tools help developers write code faster, fix bugs more easily, and spend less time on repetitive work. Many tools also help with testi ...

As AI becomes more capable of identifying vulnerabilities and analysing attacks, companies are beginning to use it for defence as well.

May 2026 dropped three critical Linux vulnerabilities on a near-weekly cadence, and the security discourse has mostly treated them as three separate bad days. They’re not. Together they form a ...