Dell's support website broke last month.
Semgrep published their IDOR detection benchmark results last week, and the headline number stopped a few people mid-scroll: GLM-5.
Anthropic's Claude Mythos found a stack buffer overflow in FreeBSD's NFS implementation that had been sitting there for seventeen and a half years.
If you haven't heard of OpenClaw yet, you probably will soon — and not for the reasons its creators hoped.
Google just shipped what it's calling the biggest redesign of Search in 25 years, and within days, the whole thing falls over when you type a five-syllable...
For nineteen years, Pwn2Own has been the place where elite security researchers demonstrate zero-day exploits against real targets for cash prizes.
Georgia Tech's Vibe Security Radar project has been quietly counting since May 2025.
Two days ago at Red Hat Summit, the company that built its reputation on enterprise Linux announced something unexpected: your developer laptop needs...
Last Tuesday, Vercel and the React team dropped thirteen security advisories at once. Not a typo.
Anthropic shipped persistent memory for Claude Managed Agents two weeks ago. Rakuten says their agents cut first-pass errors by 97%.
Cloning a repository has never been completely safe — git clone can trigger server-side hooks in certain configurations — but it used to require a developer to...
A WHERE clause fixed multi-tenancy in 2015. Your SaaS app had one database, one schema, and a tenant_id column on every table.
Ox Security dropped a report on April 15 calling it "the mother of all AI supply chains.
Every major framework — LangChain, CrewAI, OpenAI Agents SDK, Google ADK — makes it trivially easy to give an agent the ability to send emails, execute code,...
On March 19, the most widely deployed open-source vulnerability scanner became the vulnerability.
Two critical vulnerabilities rocked the React and Next.js ecosystem in 2025.
Sometime in early 2026, we quietly crossed a line that would have sounded absurd three years ago: more than half of all code committed to GitHub is now either...
Chrome 142 introduced the Local Network Access permission prompt last year, and most developers shrugged.
Last month, researchers at Token Security dropped a vulnerability report that should have made every MCP server operator lose sleep.