Chainguard, the trusted source for open source, today announced it has expanded Chainguard Libraries coverage across Python, Java, and JavaScript, with customers seeing 94% coverage across the Python ...

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.

Morgan Stanley Technology, Media & Telecom Conference 2026 March 2, 2026 2:30 PM ESTCompany ParticipantsEd Grabscheid - ...

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...

Canopy has launched its public testnet after a high-performing private phase that saw nearly 27,000 chains created and strong developer retention. The platform aims to simplify Layer-1 deployment ...

Adaptable robotic systems incorporating AI, new vision tech and low-code programming are being used to tackle frequent product changeovers and a variety of production tasks ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.

AT&T's chief data officer shares how rearchitecting around small language models and multi-agent stacks cut AI costs by 90% at 8 billion tokens a day.

OpenAI wants to retire the leading AI coding benchmark—and the reasons reveal a deeper problem with how the whole industry measures itself.

After a two-year search for flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about bugs.

By late 2024, AI was generating roughly 29% of programming functions in the US in the GitHub repositories the researchers analysed.