Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

Among the wildest revelations in Claude Code's recent leak is that the AI coding tool is scouring user inputs for signs of ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

A viral post about an AI chief of staff signals something bigger than productivity software. It signals a new class of worker ...

More than 1000 ComfyUI servers are exposed to the internet. Attackers exploit misconfigurations to add instances to a botnet.

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes configs, SSH keys, and automation pipelines before being removed.

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Better AI interfaces, especially agents and mobile-linked tools, may unlock capability more than bigger models.