CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
MacStories

Introducing Shortcuts Playground: Create Apple Shortcuts with Claude Code or Codex

Today, I’m pleased to introduce something I’ve been working on for the past six months: Shortcuts Playground, a plugin for Claude Code and Codex that can create any shortcut for Apple’s Shortcuts app ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...
eWeek

Google AI Studio Cheat Sheet: Features, Pricing, and More

Google AI Studio lets users test Gemini models, build apps, generate media, and export code. Here’s what it does, costs, and ...
Cybernews

GitHub confirms breach after hackers put stolen source code up for sale

GitHub has confirmed that hackers breached internal repositories through a poisoned VS Code extension after stolen source ...

Informatica goes fully headless as Salesforce delivers a trusted data foundation for every AI agent, everywhere

A US$3 million Stradivarius. A subway tunnel. And 52 lousy bucks in tips. That, in a nutshell, is why Informatica's first ...
Techlomedia

GitHub Investigating Unauthorized Access to Internal Repositories, Says Customer Data Not Impacted

GitHub has confirmed that it is investigating unauthorized access to some of its internal repositories. The company shared ...
Virtualization Review

Google I/O '26 Fills Out Enterprise Agent Stack with Managed Agents, ADK 2.0

Google followed its Cloud Next '26 Gemini Enterprise Agent Platform rollout and its Antigravity CLI transition with a broader I/O 2026 agent-development stack spanning Agent Studio, Managed Agents API ...

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
Tech Times

Voicebox Clones Any Voice From 3 Seconds of Audio, Runs Locally for Free, and Has No Consent Lock

A free, self-hosted voice-cloning studio built by Jamie Pine, the Canadian developer behind the Spacedrive file manager, has ...
i-SCOOP

Composer 2.5 in Cursor is built for long running coding work

Composer 2.5 brings stronger long running coding performance to Cursor, with targeted RL, Kimi K2.5 foundations, new pricing, ...