Hackers injected credential-stealing malware into the Bitwarden CLI tool via a supply chain attack on the NPM package, ...

Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...

As biz agentic bot-wrangling intensifies, company says AI orchestration, security and infrastructure tools on the way ...

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...

Microsoft officially announced TypeScript 7.0 Beta on April 21, 2026. The company says TypeScript 7.0 is often 10 times faster than 6.0. The beta ships through @typescript/native-preview@beta and tsgo ...

Cloud platform provider Vercel said an attacker breached its systems and stole customer data after compromising a third-party ...

Cloud development platform Vercel has confirmed it suffered a security breach, after a threat actor claimed to be selling ...

Vercel has been hacked and had some customer credentials compromised after an employee's single OAuth token, which had been ...

Vibe coding platforms are powerful, but users often don't know what they created.

Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems ...

How mature is your AI agent security? VentureBeat's survey of 108 enterprises maps the gap between monitoring and isolation — ...