Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

Overview:  AI coding tools are transforming software development, but strong programming fundamentals and system design ...

GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and ...

The semiconductor ecosystem is wrestling with fragmented standards, IP exposure, and the urgent need for runtime assurance.

Malicious code inserted into four SAP-related npm packages exposed developer workstations and automated build systems to credential theft, marking a sharp escalation in attacks against open-source ...

You can read more about it in our original coverage of the company here, but in short, instead of refracting light through ...

A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...

Anthropic has introduced auto mode in Claude Code, enabling multi-step software development workflows with reduced manual ...

Unlike previous vulnerability disclosure slop, Grinstead said, the details provided by its harness-guided Mythos analysis, ...

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...

To stop children from bypassing its age checks, Meta is revamping its age-verification tools with an AI system that analyzes ...

Researchers have published the first example of a synthetic sugar detection test for snake venom, offering a new route to rapid diagnosis and better antivenoms. Every five minutes, 50 people are ...