A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
Malicious npm packages mimicking Rollup polyfill tooling steal browser data, crypto wallets, and AI tool credentials in a Lazarus-linked campaign.
IBM and Red Hat launched Project Lightwell with $5 billion to patch open-source vulnerabilities faster than AI can discover ...
Part of the SD Times 100 2026 series. See the full SD Times 100 2026 list for every category and honoree. Application security has spent years maturing around a relatively stable assumption: a human ...
Hardwood, the project Gunnar Morling kick-started for handling Parquet files in Java, reached version 1. Its multi-threaded approach and zero mandatory external dependencies promise a simpler, more ...
Eighteen new GNU releases in the last month (as of June 30, 2026): apl-2.0: GNU APL is a free interpreter for the programming language APL. It is an implementation of the ISO stan ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Claude helped expose a critical flaw in a major festival ticketing platform that could've unlocked VIP passes and admin access.