Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
The offices of Google are pictured in London on February 28, 2026. JUSTIN TALLIS/AFP via Getty Images Google released agents-cli on April 21, 2026, and it has shipped 13 updates in the 71 days since — ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
Mozilla’s 0din team showed how a Claude Code malware GitHub repo attack could use a clean-looking repository to open a ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Every Python developer knows some or all of these libraries, because they’re stable, reliable, and excellent at what they do.
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub ...
CData Software is launching three products for developers building AI applications on enterprise data: Connect AI Developer Edition (free), the CData Connect AI Python SDK (open source), and CData CLI ...
Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.
CData CLI, is a command-line tool that enables developers to build and test integrations using CData’s connectors. The company says the tool is optimized for AI-assisted development environments while ...
A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...