A critical flaw in the open-source AI platform Flowise has been disclosed, along with working proof-of-concept (PoC) code, ...

AI vs AI cybersecurity arrived in documented form on May 10, when an LLM agent drove a four-pivot intrusion to database exfiltration in under an hour with no human direction. CrowdStrike data puts ...

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

Secluso is a private, open-source, DIY home security camera system built around the Raspberry Pi Zero 2 W, featuring true end-to-end encryption (E2EE) and ...

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.

CrowdStrike, Google and the Shadowserver Foundation worked together to take down a botnet that poisoned over 300 GitHub ...

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

Coinbase's x402 protocol has processed $50M in USDC payments across 2,000+ APIs, and OpenRouter is transitioning to the ...

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...