Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...

Vibe coding is legit enough that enterprises need to start experimenting. Finding the right tool for your users and use cases is the first step.

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other ...

Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub ...

Focus on the code, not the side work.

Gabriela Moreira, CEO of Quint at Informal Systems, is a research engineer specializing in programming languages and formal ...

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...