Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
PCMag

2.7M Employee Records Stolen, 100GB of Anime Fan Data Lost, and Millions of Crime Tips Leaked

Hackers hit a benefits provider, an anime streaming service, and a crime tip platform—exposing millions of sensitive records.

A simple coding mistake is exposing API keys across thousands of websites

A large-scale study has revealed that websites are unintentionally exposing API keys tied to services like AWS, Stripe, and OpenAI, with most leaks traced back to publicly accessible JavaScript files.

CISA: New Langflow flaw actively exploited to hijack AI workflows

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Millions of Anonymous Student and Crime Tips Exposed in Major Data Breach

A reported breach of P3 Global Intel exposed millions of anonymous crime and school safety tips, raising new concerns about ...