Explore real-world engineering experiences from top tech companies.
Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.
A Russian national was sentenced to two years in prison for co-managing the TA551 botnet used in ransomware attacks against U.S.
This article covers an active device code phishing campaign abusing Microsoft 365's OAuth device authorization flow to compromise organizations across five countries.
The FCC has banned the import of new foreign-made consumer routers due to cybersecurity and national security concerns.
OpenAI introduces a Safety Bug Bounty program focused on identifying AI-specific abuse and safety risks.
This article explains GitLab's auto-dismiss vulnerability policies, which let security teams codify triage decisions and apply them automatically across pipelines.
TeamPCP compromised litellm Python package versions 1.82.7 and 1.82.8 by exploiting the package's use of Trivy in its CI/CD pipeline, embedding a three-stage malicious payload.
A malvertising campaign active since January 2026 targets U.S.
This article covers the FAUX#ELEVATE phishing campaign targeting French-speaking corporate environments with fake resume files that deploy credential stealers and cryptocurrency miners.
Databricks announces Lakewatch, an open, agentic SIEM built on lakehouse architecture to counter AI-driven cyberattacks at machine scale.
Databricks introduces Lakewatch, an Open Security Lakehouse, built in partnership with National Australia Bank (NAB) to address modern AI-era cyber threats at enterprise scale.
Researchers uncovered a malicious npm campaign called Ghost/GhostClaw using 7 fake packages to steal cryptocurrency wallets and developer credentials.
TeamPCP, the threat actor behind the Trivy supply chain attack, has compromised two Checkmarx GitHub Actions workflows using credentials stolen from the earlier breach.
GitHub
AWS
Google Cloud
The Hacker NewsGoogle CloudAWS
The Hacker News
GitLab
Databricks