Ohio man first person in US convicted under new federal deepfakes law

James Strahler, 37, pleaded guilty to cyberstalking, producing obscene visuals of child sexual abuse material, and publishing ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...
PCMag

LinkedIn Faces Spying Allegations Over Browser Extension Scanning

A German group claims LinkedIn is 'illegally searching' users' computers. But the Microsoft-owned site says it collects data ...
Infosecurity Magazine

How Security Leaders Can Safeguard Against Vibe Coding Security Risks

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...
Security Boulevard

Using AI at Work? Here’s How to Avoid Accidentally Leaking Company Data

The rapid adoption of Generative AI Applications across enterprises has transformed productivity, automation, and decision-making. AI tools now power daily workflows by drafting emails, writing code, ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Technical SEO for generative search: Optimizing for AI agents

Control how AI bots access your site, structure content for extraction, and improve your chances of being cited in ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

How Cloudflare’s Dynamic Workers Make Serverless Sandboxes 100X Faster

Discover the architecture behind Cloudflare's Dynamic Workers. Learn how they eliminate cold starts and make serverless sandboxes 100x faster for developers.