A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

Check Point researchers have found that popular AI coding assistants are unintentionally leaking sensitive internal data, ...

Lovable's API exposed source code and database credentials for 48 days after the company closed a bug report. Up to 62% of AI ...

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...

Zero trust has reshaped how organizations secure user access. Multifactor authentication, single sign-on and continuous posture checks are now standard for human identities. But the same rigor rarely ...

The data from this year's State of Secrets Sprawl report shows that AI is not creating a new secrets problem; it is accelerating every condition that already made secrets dangerous.

A slew of updates from Cloudflare includes its Mesh private networking fabric for AI agents and its Registrar API interface, ...

Keep your agents close and your agent-monitoring software closer. Commvault’s new AI Protect can discover and monitor AI ...

Stop letting AI pick your passwords. They follow predictable patterns instead of being truly random, making them easy for hackers to guess despite looking complex.