Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and ...

The semiconductor ecosystem is wrestling with fragmented standards, IP exposure, and the urgent need for runtime assurance.

Instead of answers, the bank was offering a puny amount of money to keep quiet about it all, she said. She didn’t sign.

Malicious code inserted into four SAP-related npm packages exposed developer workstations and automated build systems to credential theft, marking a sharp escalation in attacks against open-source ...

A new paper from a group of researchers at the Darmstadt University of Applied Sciences shows a way to prevent these cheap ...

A woman strolls into a grocery store, thinking about grabbing some apples. Before she even reaches the produce aisle, a ...

You can read more about it in our original coverage of the company here, but in short, instead of refracting light through ...

Anthropic has introduced auto mode in Claude Code, enabling multi-step software development workflows with reduced manual ...

Threat actors are abusing Hugging Face and ClawHub to distribute malware by injecting indirect prompts into malicious files.

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...

More than 70 organizations, including the ACLU, EPIC, and Fight for the Future, say the AI smart glasses feature would endanger abuse victims, immigrants, and LGBTQ+ ...