CNCF launches Dapr Agents v1.0 at KubeCon EU, prioritizing crash recovery and durability over intelligence. Zeiss validates it in production.

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

The US cybersecurity agency CISA has flagged a critical code injection flaw in Langflow, the open-source visual framework ...

Threats actors pounced on the vulnerability within hours of its disclosure, demonstrating that organizations have little time ...

How I used Gemini to replace YouTube's missing comment alerts - in under an hour ...

GlassWorm uses Solana and Google Calendar dead drops to deliver RAT stealing browser data and crypto wallets, impacting ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

Supply chain attacks feel like they're becoming more and more common.