Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Nvidia dominated tech news this week, as its hold on the artificial intelligence factory boom only tightened at its annual GTC conference in San Jose. It introduced a raft of updated chips and ...

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

Independent researcher Simon Willison raises questions about hidden Series A and B rounds, investor windfalls, and whether a key piece of Python infrastructure just became a competitive weapon in the ...

The acquisition of Astral comes at a time when OpenAI is rapidly growing it developer platform. Since the start of this year, Codex has seen its usage increase five-fold, and it now boasts over 2 ...

OpenAI on Thursday announced the acquisition of Astral, the developer of open source Python tools that include uv, Ruff and ty. It says that it plans to integrate them with Codex, its AI coding agent ...

From idea to live app in minutes: a straightforward, five-step way to start building with AI—no coding experience needed.

UC San Diego cognitive scientist Philip Guo created Python Tutor, a free tool that makes code “visible” step by step. The research behind it earned a Test of Time award, recog ...

You can now run LLMs for software development on consumer-grade PCs. But we’re still a ways off from having Claude at home.

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...