Malicious code inserted into four SAP-related npm packages exposed developer workstations and automated build systems to credential theft, marking a sharp escalation in attacks against open-source ...

Google researchers found evidence in the exploit’s code that it may have been created using AI, like a ‘hallucinated’ CVSS ...

Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login ...

The company said that it had identified, for the first time, hackers using artificial intelligence to discover an unknown bug ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Cybercriminals used an AI model to find and weaponize a previously unknown software flaw, Google's threat team confirmed ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Students attempting to access grades, study materials and quizzes were met instead with a message from a hacking group on ...

Thousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its ...

Weekly cybersecurity recap covering zero-days, malware, phishing, supply chain attacks, cloud threats, AI security risks, and ...

Claude Code vulnerability allows attackers to intercept OAuth tokens, enabling access to connected SaaS platforms and ...