A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...

Google Threat Intelligence Group warns of active supply chain attack on npm’s Axios library Malicious dependency ...

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

The US cybersecurity agency CISA has flagged a critical code injection flaw in Langflow, the open-source visual framework ...

Threats actors pounced on the vulnerability within hours of its disclosure, demonstrating that organizations have little time ...

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

On the morning of March 24, 2026, tens of thousands of software developers working on AI applications were unknowingly exposed to malware.