Starting on June 11, 2026, the Arch User Repository (AUR) was targeted by malware which rapidly compromised over 1,500 packages. The AUR repository allows for abandoned community packages to be taken ...

In Part 1, we covered why your security stack wasn't built for AI agents and how runtime hooks stop them before they act. Now: the two problems most security teams aren't watching. Pillar 2: Your ...

The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.

Developers on edge: React exploit exposed Posted: 1 June 2026 | Last updated: 1 June 2026 The React.js framework is reeling from the discovery of a critical vulnerability, CVE-2025-55182, that poses ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

As the Village Voice’s Lisa Jones discovered when she went to Florida to cover the trial, teenage girls had a fairly blasé ...

Firefox recently added integrated AI support — a generally poorly received move among many Firefox users — that includes an AI chatbot integration for interacting with web pages. Florian Port ...

Z.ai pitches GLM-5.2 for long-running software engineering tasks The open-source model combines a one-million-token context window with architectural updates aimed at lowering the cost of ...

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...