Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

With a bonus script that puts any search tool to shame.

A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other ...

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian ...

Google has begun rolling out AI Overviews and Ask Gemini features in Google Drive to paid Workspace users, expanding beyond ...

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

Shadow content, IP risk and brand drift are rising fast. Here’s how governance evolves to keep up without killing speed.

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...

Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across ...

OpenAI is rolling out GPT-5.5 in Codex, with a 400K context window and higher coding benchmark scores than GPT-5.4.

Google may expand its unsupported robots.txt rules list using HTTP Archive data and could broaden how it handles common ...