GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.

OpenAI to acquire Astral, bringing Python tools like uv, Ruff, and ty into Codex as it moves from code generation to executing full developer workflows.

New Opentrons AI capability lets scientists simulate and visually inspect automated laboratory experiments before robots execute them.

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability ...

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...

Ocean Network links idle GPUs with AI workloads through a decentralized compute market and editor-based orchestration tools.

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, worm-like malware across dozens of packages, security firms say. Named CanisterWorm ...

Traders are using Claude AI to build automated Polymarket trading bots that scan news, detect mispriced probabilities, and execute trades.

Nvidia unveiled its open-source Agent Toolkit at GTC 2026, adding OpenShell, AI-Q, and major partners including Adobe, SAP, ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.