The exploit code was almost too neat. When Google’s Threat Intelligence Group flagged a previously unknown software ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...

Kiro, Spec Kit, Tessl, and Zenflow offer a more systematic and structured approach to developing with AI agents than vibe ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...

May 4, 2026: Surprise! Kaiju Unleashed - the new name for Project Universe - is back a little early. Given it's in testing, though, we don't have any new Kaiju Unleashes codes for the Final wars ...

Vercel Labs released Zero on May 15, 2026 — a low-level systems programming language whose compiler was built from the ground ...

Thousands of software development teams whose CI/CD pipelines depended on LocalStack’s free community edition lost access to ...

Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat ...

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.