Ultralytics, the company behind the YOLO family of object detection models, today introduced Ultralytics Platform, a comprehensive end-to-end vision AI platform featuring powerful SAM-powered smart ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, ...

A new security bypass has users installing AI agent OpenClaw — whether they intended to or not. Researchers have discovered that a compromised npm publish token pushed an update for the widely-used ...

VS Code Snap package bug on Linux keeps deleted files, clogging hard drives Snap creates separate local Trash folders per version, compounding storage issues No fix yet; users advised to install VS ...