Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Claude Opus 4.6 linked to a $1.78M DeFi hack after cbETH mispricing. Auditor Pashov and SlowMist cite oracle formula vulnerability concerns.

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.