Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. In recent months, Microsoft Threat ...

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.

Run two industry-standard scanners on the same container image and you will get two entirely different answers.

The AI company's Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of GitHub's internal source code repositories — everythi ...

The Subnautica 2 Bioscanner upgrade can be yours a bit later in your run. That’s because you have to venture far to the east of the Lifepod. If you’re following our mini-walkthrough, then you need to ...

On May 11, the same day Google's Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build a zero-day exploit, OpenAI launched Daybreak, a new agentic cybersecurity ...