A severe vulnerability in the AI-powered development tool Cursor allows installed extensions to access locally stored API keys and session tokens without user action, according to LayerX researchers.
Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...
AI agents have become so advanced that non-experts can now use them to autonomously identify and write working code for DeFi ...
Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...
Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes ...
From AI-powered scam detection to data removal and remote access blocking, here are the best tools to help protect your ...
Hackers rushed to target a critical LiteLLM SQL injection flaw to steal keys, credentials, and environment-variable ...
A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...
OpenAI was the genesis of the AI boom with the launch of ChatGPT in Nov. 2022, and it has been a juggernaut basically ever ...
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...
Learn how to install and use Hermes Agent to automate complex tasks, benchmark AI models like GPT 5.5, and run iterative ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results