The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee installed it. For several days, that extension ran quietly on the developer’s ...

Sometime in early 2025, a security researcher flagged a configuration file that could do something it was never supposed to: silently siphon API keys, cloud credentials, and signing certificates out ...

Anthropic said Thursday that Chinese state-sponsored hackers used its AI coding tool to conduct a “large-scale” cyberattack with limited human involvement. The hackers used AI’s agentic capabilities ...

To reach protected secrets, the macOS and Linux versions show a fake password dialog, then reuse the captured password to ...

Right now, across dark web forums, Telegram channels, and underground marketplaces, hackers are talking about artificial intelligence - but not in the way most people expect. They aren’t debating how ...