Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

An initiative within the JavaScript community is attempting to offer an alternative to the way developers view npm packages via the web. The project is ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...

GitHub Copilot has added OpenAI’s GPT-5.4 coding model, bringing improvements to reasoning and multi step development tasks.

I'm taking the road less traveled.

OpenAI released Codex Security on March 6, an AI-powered application security agent that scans codebases for vulnerabilities, validates findings in sandboxed environments, and proposes patches. The ...

With zero coding skills, and in a disturbingly short time, I was able to assemble camera feeds from around the world into a ...

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime.

TypeScript 6.0 RC represents the final major release built on the current JavaScript-based compiler. The upcoming TypeScript 7.0 will use a Go-based native implementation for enhanced speed and memory ...

Latest VS Code update introduces prepackaged bundles of chat customizations that can include skills, commands, agents, MCP ...