Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

THE PROMISE at the heart of the artificial-intelligence (AI) boom is that programming a computer is no longer an arcane skill: a chatbot or large language model (LLM) can be instructed in simple ...

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.

GitHub Copilot multi-agent support for VS Code launched at Microsoft Build 2026 alongside Project Polaris, an in-house AI ...

Two contractors told Business Insider they earned up to $280 per hour on the ongoing project.

Slash Commands 正是为了解决这个问题而诞生的。表面上看，它们只是以 / 开头的命令，但其背后其实是一个带有一组 workflow 约定的具名任务入口。这也是本文将继续探讨的主题。 深入了解 Claude Code 中 Slash Commands 的作用、局限，以及它们为何正在被吸收到 Skill ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...