A startup's autonomous AI agent found 21 zero-days in FFmpeg for ~$1,000. Meanwhile Chrome 149 patched a record 429 vulnerabilities in a single release.

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

DeepSWE is changing how AI coding models are tested after exposing benchmark loopholes used by Claude Opus. Here’s why ...

I ditched my terminal for Claude's built-in code executor, and I'm not going back.

I’ve briefly discussed this with Dr. Stallman, but to give a fuller picture to Dr. Schestowitz: the application is fully Free software, built from the ground up using entirely peer-to-peer, and end-to ...

The agent is doing the actual work, and VS Code is just a window.

Google has just dropped a critical browser security fix for 3.5 billion users—Chrome 149 patches an incredible 429 ...

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Hackers are exploiting a critical vulnerability in Mirasvit Full Page Cache Warmer to execute code remotely on Magento ...

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. Local attackers can exploit the actively abused ...