Security researchers report a sharp rise in malicious open-source packages in 2026, with npm registry threats already surpassing 2024 totals. A new benchmark study found that popular detection tools ...

In the first five months of 2026, security researchers have flagged more malicious packages on the npm registry than in all ...

The professionalization of phishing demands a shift in defensive strategy. Signature-based detection that looks for known ...

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

Huang, a Ph.D. candidate studying computer science, is the first USC student to win the Machtey Award, a prestigious prize ...

In the news release, Bybit Uncovers AI-Assisted macOS Malware Campaign Targeting Users Searching for Claude Code, issued 21-Apr-2026 by Bybit over PR Newswire, we are advised by the company that the ...