Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as ...

LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
TMCnet

Chainguard Launches Commercial Builds with Industry Leaders, Setting a New Standard for Verifiable, Zero-Vulnerability Software

Azul, Chainloop, Elastic, Expanso, F5 NGINX, Grafana Labs, Mattermost, Nirmata, Percona, Smallstep, and Tiger Data trust Chainguard for verifiably secure software with zero known ...
InfoQ

Beyond the Code: Hiring for Cultural Alignment

Alicia Collymore discusses the critical role of cultural alignment in building high-performing engineering teams. She ...
InfoQ

QCon London 2026: From Prompt to Production: How Spotify Builds Internal Tools in Days with AI

At QCon London 2016, engineers from Spotify presented how the company accelerates internal tool development using its ...
TMCnet

Chainguard Launches the First Unified Repository for Secure-by-Default Open Source Artifacts

AI coding tools and autonomous agents are generating more code, pulling in more dependencies, and interacting with open source at a scale humans have never seen before," said Dan Lorenc, CEO and ...
Hosted on MSN

Multiple mental health apps riddled with high severity security flaws

Oversecured found 1,500 vulnerabilities across 10 mental health apps with over 14 million downloads Exposed therapy transcripts, mood logs, medication schedules, and other sensitive data Therapy ...

Development Environment: Eclipse IDE 2026-03 enhances Java refactoring

The quarterly release of Eclipse IDE 2026-03 brings some new features alongside bug fixes, such as the Java refactoring ...
The Hacker News

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
MIT Technology Review

The Download: glass chips and “AI-free” logos

Human-made glass is thousands of years old. But it’s now poised to find its way into the AI chips used in the world’s newest ...