GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview ...

Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...

WASHINGTON, DC – The acting head of the nation’s cyber defense agency, Madhu Gottumukkala, uploaded sensitive government contracting material into a publicly accessible version of ChatGPT last summer, ...

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

Would you like a closer look at Claude? Someone at Anthropic has some explaining to do, as the official npm package for ...

TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...

Discover eight powerful ways to use Claude AI in 2026, from building apps to automating research and workflows, to save time and boost productivity.

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Most file-sharing services are convenient—but they come at a hidden cost. Platforms like WeTransfer, TransferNow, and similar tools store your files on their servers, sometimes for days, even after ...