Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
InfoWorld

Best practices for building agentic systems

Which technologies, designs, standards, development approaches, and security practices are gaining momentum in multi-agent ...
Business Wire

Tufin Unveils Agentic Network Security, Built on the World’s Only Dynamic Network Connectivity Graph

BOSTON--(BUSINESS WIRE)--Tufin, the leader in network security posture management, today announced its strategy for Agentic Network Security, positioning the company as the foundational control layer ...
Morningstar

Tufin Unveils Agentic Network Security, Built on the World’s Only Dynamic Network Connectivity Graph

Company to Launch Autonomous Agents for Network Security Compliance, Posture Management, and Policy Management at RSA Conference 2026 Tufin, the leader in network security posture management, today ...
Infosecurity-magazine.com

Average Number of Daily API Attacks Up 113% Annually

APIs now represent the “dominant” attack surface for global organizations, with 87% registering a related security incident last year, according to Akamai. Now in its 12 th year, the security vendor’s ...
Bleeping Computer

Microsoft to enable Windows hotpatch security updates by default

Microsoft will turn on hotpatch security updates by default for all eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, beginning with the May 2026 Windows security ...
TechCrunch

Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks

In a recent security partnership with Mozilla, Anthropic found 22 separate vulnerabilities in Firefox — 14 of them classified as “high-severity.” Most of the bugs have been fixed in Firefox 148 (the ...
Liliputing

Motorola plans to ship phones with GrapheneOS (Google-free, security-hardened Android)

GrapheneOS is an open source, Android-based operating system that puts an emphasis on privacy and security features. It’s been stripped of Google apps and services and includes replacements including ...
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...
Android

Motorola Partners with GrapheneOS for Advanced Mobile Security

At the MWC 2026, Motorola announced a partnership with the GrapheneOS Foundation. Both companies will work to strengthen smartphone security and collaborate on future devices engineered with ...
CSOonline

‘Silent’ Google API key change exposed Gemini AI data

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from ...