Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A data breach at the city attorney's office led to a massive cache of LAPD files being dumped online. Here's what we know ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

A routine software update for Anthropic's Claude Code tool accidentally leaked its entire source code, sparking rapid community response. Within hours, a developer rewrote the tool in Python and then ...

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

A team of researchers from UC Berkeley have demonstrated that eight AI agent benchmarks can be manipulated to produce ...

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

Managing multiple Claude Code projects doesn't have to be chaotic. My iTerm2 setup dramatically reduces friction in my daily ...

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...

Preview of new companion app allows developers to run multiple agent sessions in parallel across multiple repos and iterate ...