Today is Microsoft' 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly ...

A spear-phishing campaign by North Korean actors is abusing a legitimate feature of Microsoft Visual Studio (VS) Code to gain full remote control of targeted systems. In the campaign, discovered by ...

Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities.

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a ...

A deep dive into how attackers exploit overlooked weaknesses in CI/CD pipelines and software supply chains, and how .NET and ...

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in ...

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...

OpenClaw, formerly Clawdbot and Moltbot, faces malware attacks as fake skills and extensions exploit trust in local AI tools.

A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems.

From technical compromise to AI-driven attacks, cyber criminals increasingly see software developers as prime targets, creating systemic risks CISOs must address.

This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office.

Microsoft has patched six exploited zero-days in February 2026 Patch Tuesday, addressing 58 vulnerabilities and triggering ...