North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

ShellGPT makes the terminal user-friendly, saving time by generating commands, automating scripts, and guiding me through tasks.

It makes it much easier than typing environment variables everytime.

Security vendors have spent years building up defenses around the endpoint, but one researcher says AI coding tools have ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Chainguard is racing to fix trust in AI-built software - here's how ...

GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine ...

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, ...