Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
June was sweltering, but the summer heat didn’t slow down open-source software developers. Last month delivered a wave of app ...
Home Assistant 2026.7 simplifies automation with new intuitive triggers, an activity timeline, grouped updates, and many integrations.
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
MotherDuck is launching Flights, an agent-native data pipeline that enables users to choose the MCP server and AI agent of their choice to build and deploy data pipelines in minutes using a flexible, ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Navan and Vibe have launched Model Context Protocol servers to integrate AI in travel management, allowing enhanced data queries and booking functions.
In Safari Technology Preview 247, we’re introducing the Safari MCP server — a Model Context Protocol server for web developers that makes your web development and debugging workflow faster and more ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Nothing broke, so I never looked.