A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

The deal gives Anthropic tighter control over how developers connect Claude to software and business systems as AI vendors ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

Developers are discovering that Model Context Protocol shines at providing AI coding agents with highly relevant software engineering context, on demand, at run time.

When (and why) does AI coding flip from promising to a security nightmare? Let's look under the coding hood.

Quant trading tools are becoming more accessible in 2026, although trading risk remains. AI trading bots are generally used ...

Google followed its Cloud Next '26 Gemini Enterprise Agent Platform rollout and its Antigravity CLI transition with a broader I/O 2026 agent-development stack spanning Agent Studio, Managed Agents API ...

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...