Supply chain attacks feel like they're becoming more and more common.

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Python has made using Microsoft Excel much easier than it has ever been, and it isn't very hard to start using it yourself.

In the era of A.I. agents, many Silicon Valley programmers are now barely programming. Instead, what they’re doing is deeply, ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

From STEM classrooms to early-stage startups, the LiteWing Drone has found its way into the hands of students, makers, and engineers alike. Our goal with Litewing was to build this very same ecosystem ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Andrej Karpathy is pioneering autonomous loop” AI systems—especially coding agents and self-improving research agents—while ...