Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

New capability intercepts and blocks malicious code at the point of execution, closing the critical gap between vulnerability ...

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...

The risks associated with leveraging open source libraries, and the review needed, are increasing. In the first half of 2025, cybersecurity researchers observed a sharp rise in the incidence of ...

Threat actors have used generative artificial intelligence (GenAI) to write malicious code in the wild to spread an open source remote access Trojan (RAT). It's one of the first observed examples of ...

Researchers from Sucuri found malicious code hiding in the mu-plugins directory The malware redirected visitors, served spam, and could even drop malware The sites were compromised through vulnerable ...

The open-source database management system Firebird is vulnerable in several ways. It can allow malicious code onto systems.

Hackers Can Hide Malicious Code in Gemini’s Email Summaries Your email has been sent Google’s Gemini chatbot is vulnerable to a prompt-injection exploit that could trick users into falling for ...

An unknown threat actor is deploying a large-scale, sophisticated cryptojacking campaign through a series of malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor, ...