JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Social media services are home to a treasure trove of your personal data. Bluesky makes it easy for users to download it all.
Gemini Spark Mac beta lands on the existing Gemini desktop app, letting Google’s autonomous AI agent sort local files, ...
CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
Erik Steiger discusses the operational pain of legacy PDF generation in regulated banking and manufacturing. He explains how ...
Retell AI, the fastest-growing AI voice agent platform, today announced the launch of Conductor, the first graph-native review system for production voice agents. Conductor is an AI copilot that ...
Figma Config 2026 closed Thursday with Code Layers for GitHub-linked canvas editing, Figma Motion in open beta with CSS and ...
The LCP protocol works by organizations publishing standardized legal-terms files on their websites, which agents can check before completing transactions. Founding contributors include major ...
Big data management startup Komprise Inc. said today it’s introducing a major update to its platform with the launch of ...
Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
On March 30, BeyondTrust proved that a crafted GitHub branch name could steal Codex’s OAuth token in cleartext. OpenAI classified it Critical P1. Two days later, Anthropic’s Claude Code source code ...
Back in February, Valve gave Steam client beta users the option to share anonymized framerate data and hardware information with the company to “help us learn about game compatibility and improve ...