Bleeping Computer

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder’s research team built a new secrets detection method and scanned 5 ...

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
InfoWorld

As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.
CPO Magazine

Security Flaw in Claude AI Chrome Extension Enables Attackers to Execute Privileged ...

A security flaw in “Claude in Chrome” enables any Chrome extension, including those without permissions, to execute ...
CRN

10 Hot AI Security Startups To Know In 2025

The rapid advancement of AI and agentic technologies has been dominant in the cybersecurity space in 2025 — with early-stage startups playing a central role in helping to protect the emerging AI ...