AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...
I ditched my terminal for Claude's built-in code executor, and I'm not going back.
Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
Red Hat hit by npm supply‑chain attack - here's how to stay safe ...
Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...
Learn how Anthropic's dynamic workflows handle complex task orchestration and discover the best use cases to avoid high token ...
A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Cybersecurity researchers create a five-step exploit chain using over-permissioned roles, secrets discovery, and NHIs to attack a popular low-code service.
CISA, the US government agency whose entire job is keeping America’s critical infrastructure safe from hackers, has had a ...
What is Syntax Verse Presale? Syntax Verse Presale is an early fundraising round for a Web3 marketplace project that says it runs in the Solana Ecosystem. Based on the available details, the sale is ...
Peter Steinberger is on a token spending spree. On Friday, the creator of OpenClaw posted a screenshot ...