Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

Anthropic fixed a significant vulnerability in Claude Code's handling of memories, but experts caution that memory files will ...

As unloved as IBM’s PCjr was, with only a one-year production run, it’s hard to complain about the documentation available ...

CVE-2026-33626 exploited within 13 hours of disclosure, enabling SSRF-based cloud credential theft and internal scanning.

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

Open WebUI has been getting some great updates, and it's a lot better than ChatGPT's web interface at this point.

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

The Chrome and Edge browsers have built-in APIs for language detection, translation, summarization, and more, using locally ...

DeepSeek V4 arrives in Pro and Flash variants with a 1M token context window, lower inference costs, and a stronger push into ...

Perplexity launches its “Personal Computer” AI assistant for Mac, enabling users to automate tasks across apps, files, and ...