UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.

Is that CAPTCHA you just encountered real? Find out how fake CAPTCHAs are installing hidden malware and how to stay safe.

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

Which tech jobs are actually hiring in 2026? Not always the ones you'd expect. The real growth is in roles that build AI's infrastructure—not just its code.

This desktop app for hosting and running LLMs locally is rough in a few spots, but still useful right out of the box.

TL;DR: Titus is an open source secret scanner from Praetorian that detects and validates leaked credentials across source code, binary files, and HTTP traffic. It ships with 450+ detection rules and ...

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Over 260,000 users installed fake AI Chrome extensions that used iframe injection to steal browser and Gmail data, exposing ...

According to COC CEO David Shoemaker, the government funnels about $220-million annually to all the various sports organizations that make up the Canadian Olympic tapestry. They would like a raise – ...

Slop’ pull requests from LLMs are deluging maintainers, and you can generate small utility functions on your own in seconds. The open source world is grappling with AI.