Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation ...

Check Point researchers have found that popular AI coding assistants are unintentionally leaking sensitive internal data, ...

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

AI engineer Kyle Hessling merged two of Jackrong's Claude Opus 4.6 and GLM-5.1 distilled finetunes into a single ...

In March 2026, Trivy, one of the most widely used open-source vulnerability scanners in the Kubernetes ecosystem, was weaponized against the very organizations that relied on it for security.

Threat actors have been exploiting the BlueHammer Microsoft Defender vulnerability as a zero-day to gain System privileges.

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Users of GitHub's command-line interface (CLI) who value privacy, beware. The Microsoft-owned code-hosting platform has quietly begun collecting pseudonymous client-side telemetry from CLI users and ...

The compromise of a version of Bitwarden's CLI is connected to the ongoing Checkmarx supply chain campaign, but differences in the operational methods of both incidents are making it difficult to ...

A malicious version of the Bitwarden command-line interface (CLI) password manager was briefly distributed via the Node ...