We examine how AI is changing the future of work — and how, in many ways, that future is already here. Every tech company you can think of is jumping on the generative AI bandwagon and touting new ...

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...

A new wave of the Mini Shai-Hulud campaign compromised dozens of TanStack npm packages as part of a broader supply chain ...

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools ...

Checkmarx warned over the weekend that a rogue version of its Jenkins Application Security Testing (AST) plugin had been ...

TeamPCP compromised a Checkmarx Jenkins plugin in 2026, exposing supply chain security gaps and credential risks.

A tampered version of the Checkmarx Jenkins AST plugin has appeared in the Jenkins Marketplace. The attack has been assigned a CVE identifier (CVE-2026-33634) with a CVSS score of 9.4. Checkmarx has ...

Checkmarx warned that a malicious version of its Jenkins AST plugin was published in a software supply chain attack.

Researchers with an Israeli cybersecurity startup who were examining the trend toward shadow AI reportedly discovered that AI tools developers are using to quickly develop software – known as “vibe ...

It has been a bad six weeks for security firm Checkmarx. Over the past 40 days, it has been the victim of at least one supply-chain attack that delivered malware to customers on two separate occasions ...

Trivy is an open source vulnerability scanner maintained by Aqua Security. On March 16, TeamPCP injected credential-stealing ...