A compromised Nx Console extension (v18.95.0) with over 2.2 million installations was used to distribute a credential stealer that exfiltrates developer secrets and can publish signed, legitimate-looking npm packages.
Vlad Feinberg outlines a practical career path in AI labs with a focus on kernel optimization and pretraining, emphasizing that the key skills—kernel-level performance tuning and translating abstract concepts into practical implementations—are learnable and immediately deployable.
Webmin is vulnerable to multiple security flaws that allow attackers to bypass two-factor authentication and execute root-level attacks, with security patches now available.
Security gaps in NGINX Open Source and NGINX Plus from F5 are being actively exploited, with one vulnerability leading to denial-of-service conditions.
Attackers published 639 malicious versions across 323 packages (279 from the @antv namespace) and exfiltrated credentials for AWS, Google Cloud, Azure, GitHub, and Docker access.
SHub Reaper bypasses Apple’s terminal protections through AppleScript execution, steals browser data and cryptocurrency wallet access, and spreads via fake WeChat, Miro, and QQ installers.
Interpol seized 53 malware and phishing servers across 13 MENA countries during Operation Ramz and arrested over 200 suspects affecting at least 3,867 victims.
The Canvas learning platform was taken offline after a cybercriminal gang claimed to possess data from 275 million users across nearly 9,000 educational institutions in an extortion attack.
In November 2025, a turning point in LLM development was reached: coding agents became production-ready, while competition for the best model intensified, leading the community to enthusiastically experiment with new possibilities and drive innovative infrastructure projects.
The weakness of modern identity architectures often lies not in individual systems but in the lack of control across grown structures; Identity Fabric provides a central orchestration layer to manage identities, policies, and access consistently across systems and identity types.
An analysis of millions of active devices reveals a clear shift in the threat landscape: network infrastructure has become a critical risk factor, with edge hardware leading the list of endangered device types for the first time.