The decentralized identity protocol said a compromised employee's laptop let attackers seize its bridges and mint tokens at ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. In recent months, Microsoft Threat ...

Perplexity introduced Search as Code as a reference architecture for AI-written Python search workflows, following its 2025 real-time Search API. The new approach shifts the pitch from repeatedly ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

The tokenization specialist behind BlackRock's BUIDL fund could begin trading on the NYSE as SEC approves merger registration ...

I ditched my terminal for Claude's built-in code executor, and I'm not going back.

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

Anthropic's Daniela Amodei weighs in on tokenmaxxing, AI adoption, and why companies shouldn't force AI use.

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...