A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

A critical vulnerability in Cisco Secure Workload allows unauthenticated, remote attackers to gain Site Admin privileges.

Cisco has released security updates to address a maximum-severity vulnerability in Secure Workload that allows attackers to ...

A critical vulnerability in the on-premises version of the Cisco Secure Workload security platform could allow a threat actor to obtain the privileges of a site admin, enabling them to compromise ...

Universal Robots PolyScope 5 is affected by CVE-2026-8153, a vulnerability that can be exploited to hack industrial robots.

The four flaws in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...