In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Criminal hackers have used artificial intelligence to develop a working zero-day exploit, the first confirmed case of its ...

Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Cline is one of the most widely adopted open-source AI coding assistants, and its Kanban feature provides a web-based project ...

Google said Monday that it had disrupted a criminal group’s attempt to use artificial intelligence to exploit another company ...

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

The actively exploited flaw builds on Dirty Pipe and Copy Fail techniques to overwrite page cache and gain full system ...

The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which ...

What happened?: Attackers took over a maintainer account for Axios and published malicious versions to npm, potentially impacting millions of downloads. Why it matters: CSA Singapore warns supply ...

Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...