4+ hour, 44+ min ago  (396+ words) Significant security flaws flagged in LangSmith, SGLang'SC Media Significant security flaws flagged in LangSmith, SGLang AI agent development and deployment platform LangSmith and high-performance large language model serving framework SGLang have been impacted by vulnerabilities that could allow attackers to…...

5+ day, 7+ hour ago  (212+ words) ENISA advisory outlines secure use of third-party software packages'SC Media ENISA advisory outlines secure use of third-party software packages The European Union Agency for Cybersecurity (ENISA) has released its inaugural Technical Advisory on the secure use of package managers, offering…...

5+ day, 16+ hour ago  (371+ words) The Cybersecurity and Infrastructure Security Agency (CISA) added a remote code execution (RCE) flaw in the open-source workflow automation platform n8n to its Known Exploited Vulnerabilities (KEV) catalog on Wednesday, requiring federal agencies to patch within two weeks. The vulnerability, tracked…...

6+ day, 14+ hour ago  (176+ words) Nx npm supply chain hack weaponized to breach cloud environment'SC Media Nx npm supply chain hack weaponized to breach cloud environment Threat operation UNC6426 achieved total compromise of an organization's AWS environment within 72 hours after harnessing keys exfiltrated during the August…...

2+ week, 9+ hour ago  (173+ words) DeepKeep launches AI agent security scanning solution'SC Media DeepKeep launches AI agent security scanning solution As reported by Silicon Angle, DeepKeep Ltd. has launched a new AI agent attack surface scanning and discovery solution designed to map risks within enterprise…...

2+ week, 1+ day ago  (543+ words) James is the CEO of DryRun Security, where he and his team built a team of AI-powered Contextual Security Agents that dryrun your code before it gets merged. They enforce policy, detect vulnerabilities (including logic flaws most tools miss), and…...

2+ week, 2+ day ago  (102+ words) According to The Register, the vibe-coding platform Lovable is under fire after a security researcher discovered significant vulnerabilities in one of its hosted applications, leading to a data leak affecting over 18,000 users. The platform's stance that users are responsible for…...

2+ week, 5+ day ago  (51+ words) SimpleWriter_ provided capabilities for unconditional file writing and hidden process execution, masquerading as a PDF utility. The analysis indicated a single threat actor was behind the campaign, which attracted over 4,500 downloads before takedown. Source: The Hacker News Steve ZurierFebruary 27, 2026 SC StaffFebruary…...

2+ week, 5+ day ago  (221+ words) Google API keys for Gemini AI pose security risk'SC Media Google API keys for Gemini AI pose security risk As reported by Bleeping Computer, Google API keys, previously considered safe when embedded in client-side code for services like Maps, are…...

2+ week, 5+ day ago  (93+ words) Trend Micro has issued fixes for two critical remote code execution flaws in the Apex One management console, according to Security Affairs. Aside from releasing Critical Patch Build 14136 to address these RCEs, Trend Micro also moved to remediate the Windows…...