Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.

SearchLeak and a three-CVE LiteLLM chain broke the same AI trust boundary in two weeks. A 5-check audit maps each gap to a ...

Ky 2.0 is an open-source JavaScript HTTP client built on the Fetch API, featuring significant updates such as consolidated ...

Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate ...

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...

Aikido Security found at least 15 integrated development environment (IDE) plugins on the JetBrains Marketplace which had ...

At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. The campaign, discovered by Aikido Security, includes plugins that act as AI coding ...

Real-world case studies show how the best crypto swap APIs help wallets, aggregators, and protocols improve onboarding and ...

Entering play Monday, Madison Keys was in strong shape to advance to the quarterfinal at the French Open. She was not only the higher seed, but was a perfect 3-0 against her opponent, Russian Diana ...

Google API keys aren't completely inactive after users delete them, giving attackers a small but significant window to continue abusing them. Joe Leon, researcher at Belgian startup Aikido Security, ...

Our modern in-cockpit tablet offers a seamless, intuitive interface for viewing PDFs, images, and text files in one centralized location. Built-in note-taking makes it easy to capture ideas, reminders ...