Microsoft's AI Toolkit extension for VS Code now includes a Tool Catalog that can scaffold a Python or TypeScript MCP server with the core transport and registration plumbing already set up. In ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...

Wondering if Linux has AI companions that are as accessible, capable, and easy to use as Microsoft Copilot? Try these AI alternatives for Linux.

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

Neovim 0.12 introduces a native plugin manager and puts an end to "Press ENTER". The goal is an out-of-the-box editor.