The Rise of Malicious Repositories on GitHub: What Development Teams Need to Know

Discover how malicious GitHub repositories threaten supply chains. Learn typosquatting tactics, credential theft risks, and essential security practices for dev teams.

MCP Server Security: What 1,808 Audited Servers Reveal About AI Tool Integration Risks

Discover critical security risks in AI tool integration: 66% of 1,808 MCP servers audited have flaws. Learn what threats lurk in your AI agent connections.

Sign In with ANY Password: How a Missing "await" Broke Rocket.Chat Authentication (CVE-2026-28514)

Sign in with any password to any Rocket.Chat account. A missing await keyword caused a critical authentication bypass (CVE-2026-28514) affecting all versions before 8.0.0.

Fake Claude Code Install Pages Are Spreading Malware — What Your Team Needs to Know

Fake Claude Code install pages are spreading malware. Learn how attackers target developers, what to watch for, and how to protect your team from credential theft.

AI Agent Security: What 38 Researchers Found When They Stress-Tested Autonomous AI Systems

Discover what 38 security researchers revealed about AI agent vulnerabilities. Critical findings on autonomous system risks and defense strategies.

Red Teaming LLM Web Apps with Promptfoo: Writing a Custom Provider for Real-World Pentesting

Learn how Promptfoo's custom providers expose LLM vulnerabilities that traditional scanners miss. Master red teaming for AI security.

How One Amateur Hacker Used AI to Breach 600+ Firewalls Across 55 Countries — Without a Single Exploit

AI-powered credential attacks breached 600+ firewalls across 55 countries without exploits. Learn how weak defaults became a critical security blind spot.