Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

Six security teams shipped six OpenClaw defense tools in 14 days. Three attack surfaces survived: runtime semantic ...

Mandiant has identified a novel method to bypass browser isolation technology and achieve command-and-control operations through QR codes. Browser isolation is an increasingly popular security ...

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security ...

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...

Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption ...

Researchers have discovered malicious code circulating in the wild that hijacks the earliest stage boot process of Linux devices by exploiting a year-old firmware vulnerability when it remains ...

Most enterprise software governance frameworks rely on the assumption that software authorship can be reasonably bounded and clearly defined by role. AI code generation has quietly made that ...

Shares of several major cybersecurity providers dropped today after Anthropic PBC introduced a tool for finding software vulnerabilities. The offering is called Claude Code Security. It’s available as ...

RSA Conference 2026 - Sysdig, the leader in real-time AI-powered cloud defense, today announced runtime security for AI coding agents, enabling organizations to safely adopt autonomous development ...

Anthropic’s Claude Code Arms Developers With Always-On AI Security Reviews Your email has been sent Claude Code just got sharper. Anthropic has rolled out an always-on AI security review system that ...