Security experts have identified three critical vulnerabilities in Anthropic's Claude Code, potentially allowing remote code execution and API key theft. Attackers could exploit malicious ...

Use the vitals package with ellmer to evaluate and compare the accuracy of LLMs, including writing evals to test local models ...

Anthropic fixed the flaws - but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

A low-skilled threat actor was able to do a lot with the help of AI, Amazon researchers warn.

Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.

A bad actor used AI tools to compromise more than 600 FortiGate appliances around the world in five weeks, Amazon says, the latest example of how hackers are increasing are using the technology to ...

RoguePilot flaw let GitHub Copilot leak GITHUB_TOKEN, while new studies expose LLM side channels, ShadowLogic backdoors, and promptware risks.

Announcing the Fabricate Data Agent, synthetic data generation via agentic AI. Plus, Structural's Custom Categorical is now AI-assisted, and Model-based Custom Entities are coming to Textual!