OWASP launches its specific Top 10 for Agentic AI. We analyze how to protect autonomous agents executing critical actions in your cloud infrastructure. Read
Analysis of the eslint-plugin-unicorn-ts-2 package, which uses social engineering against AIs to steal credentials in development environments. Read
Cisco and Hispasec warn about CVE-2025-55182, a critical flaw affecting up to 40% of cloud environments that is already being actively exploited. Read
Analysis of the International Information Security Day and how national strategies drive a proactive cybersecurity culture. Read
A security firm reveals that over 120 malicious packages have been stealing developer credentials since August, exploiting a security 'blind spot' in NPM. Read
After the Shai-Hulud worm attack, GitHub announces major npm changes: Trusted Publishing, mandatory 2FA, and the end of legacy tokens. Read