Sigma Computing seals $80M funding round as it pivots toward ‘agentic analytics’

Cloud-native data analytics startup Sigma Computing Inc. has closed on an $80 million Series E funding round that doubles its ...
The Next Web

Sigma Computing doubles valuation to $3 billion in Series E as agentic analytics race heats up

The San Francisco analytics company hit $200 million ARR in April, doubling year over year. Sigma Agents, its no-code AI product, became the fastest-adopted feature in the company's history.
Tech Wire Asia

Google says hackers are using AI to find zero-days and build malware

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...
CSO Online

PraisonAI vulnerability gets scanned within 4 hours of disclosure

A newly disclosed authentication bypass flaw (CVE-2026-44338) in PraisonAI drew near-instant probing, exposing risks from ...
Microsoft

When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps

Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by ...
Security Boulevard

Go fuzzing was missing half the toolkit. We forked the toolchain to fix it.

Go’s native fuzzing is useful, but it stands far behind state-of-the-art tooling that the Rust, C, and C++ ecosystems offer with LibAFL and AFL++. Path constraints are hard to solve. Structured inputs ...
The Hacker News

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive ...

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...
Morning Overview on MSN

Three separate supply-chain attacks hit npm, PyPI, and Docker Hub within 48 hours — all three targeted developer cloud credentials and SSH keys

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...
Morning Overview on MSN

Hackers poisoned the PyTorch Lightning AI package and it started stealing credentials the moment you imported it

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...