JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Anthropic launched Claude Sonnet 5 on June 30, 2026, with introductory API pricing at $2/$10 per million tokens and agentic ...
OpenAI API costs can spiral when agents run wild. Here's how to set spend limits, enable hard caps, and avoid surprise AI ...
DeepSeek speculative decoding framework DSpark went live June 27 on V4-Flash and V4-Pro, reporting up to 85 percent faster ...
ChatGPT Enterprise Slack integration gained write-scope connector actions on June 22 — joining channels, uploading files, ...
An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce ...
A researcher claims an AI-assisted pipeline helped earn $500,000 in Google bug bounty payouts, raising API security and access-control concerns.
Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its publication they should notify vendors about a bug. A vulnerability in ...
Google just made building autonomous AI agents significantly easier. At its I/O 2026 developer conference, the company unveiled the Managed Agents API, a new offering within the Gemini and Antigravity ...
Changpeng Zhao has asked developers to examine and rotate any API keys in code immediately after GitHub revealed on May 20 that hackers had gained unauthorized access to its internal repositories. The ...
Microsoft has identified an active supply chain attack targeting the @antv node package manager (npm) package ecosystem. A threat actor compromised an @antv maintainer account and published malicious ...