According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...
North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...
A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...
North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...
ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...
A new Arcjet SDK lets Python teams embed bot protection, rate limiting, and abuse prevention directly into application code.
Security researchers from Palo Alto Networks have discovered vulnerabilities used in some top Artificial Intelligence (AI) ...
Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by ...
Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow ...
The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results