The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

The first MCP-compatible private programmable onchain routing layer for autonomous agents launches on Solana. Non-custodial, compliance-checked, built for AI. The future of AI-agent commerce cannot ...

A security researcher published six vulnerabilities in llama.cpp's model-file parser to the oss-security mailing list on May 15, 2026 — and none of them carry an assigned CVE number, meaning standard ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

CNCF graduation, Microsoft tooling updates and cloud-provider support show broader OpenTelemetry adoption across developer platforms.

DCI lets AI agents search raw files with grep and bash instead of embeddings — boosting accuracy 11 points and cutting ...

Is it the same this time, or do artificial intelligence (AI) and vibe coding upend the game? More generally, can AI and software engineering enter into a successful marriage? Are we about to witness ...

When (and why) does AI coding flip from promising to a security nightmare? Let's look under the coding hood.

A single developer. One poisoned extension. Five supply chain surfaces compromised in 48 hours. And a threat group claiming ...

A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are ...

Open standard enables any vendor to implement zero-trust security for AI agents with verifiable conformance Agent ...