ServiceNow discloses security incident exposing customer data

ServiceNow is warning about a security incident after attackers exploited an unauthenticated access flaw through a vulnerable ...
Nature

Bots are scraping open data — how should researchers respond?

The snowballing ability of artificial intelligence to trawl open data sets has some scientists worried about losing control ...

New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...
CSO Online

Claude Code has an MCP security problem — and your developers are already using it

The Mitiga disclosure is the most recent, but it is not the first time Claude Code’s configuration model has created a ...
The Next Web

A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.
SecurityWeek

OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...
TWCN Tech News

Outlook keeps signing me out [Fix]

Many Outlook users have complained of getting logged out. The Enter your Username and Password keeps popping up! Some have experienced other login issues with this mailing app like being unable to log ...
Redmondmag.com

Supply Chain Attack Hits Microsoft GitHub Repos, AI Coding Tools

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...