A serious security vulnerability in a widely used open-source Python component could put a large number of AI agents ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...

Open source robotics AI platform LeRobot surpassed 58,000 community datasets in 2026 — 50x growth in under a year — making it the largest dataset category on Hugging Face and signaling a ...

The four C&C channels used by GlassWorm, the botnet targeting open source software developers, have been disrupted.

The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation focused on sustainably ...

CrowdStrike, alongside Google and the Shadowserver Foundation, has disrupted the Glassworm botnet used to spread malware ...

Aaron Erickson discusses the evolution of AI workflows, shifting from "vibe checking" to building reliable, multi-agent frameworks. He explains how to combine deterministic software guardrails with ...

Downloading executable installer files from random websites is the best way to put malware on your Windows PC. Stop doing ...

North Korea-linked hackers have upgraded the InvisibleFerret malware to bypass script-based security tools, converting its Python code into compiled modules that are harder for defenders to inspect ...

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.

In a joint operation, CrowdStrike, Google and Shadowserver Foundation disrupted infrastructure used by the Glassworm ...