Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

If reinstalling software feels repetitive, these tools have some ideas.

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

GitHub Copilot multi-agent support for VS Code launched at Microsoft Build 2026 alongside Project Polaris, an in-house AI ...

A security update closes a malicious code vulnerability in Docker for macOS. If attackers successfully exploit a security vulnerability in Docker on macOS, they can break out of the sandbox and ...

This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and ...

Microsoft says Win32 remains central to Windows decades later, showing how compatibility still shapes Windows 11 and enterprise apps. Microsoft has long promoted Windows 11 as its most advanced ...

PCWorld reports that Windows 11 still relies on code from the 1990s, particularly the Win32 API from Windows 95, for basic functions like right-clicking. Microsoft CTO Mark Russinovich acknowledges ...