Nvidia’s SchedMD acquisition puts open-source AI scheduling under scrutiny
“Slurm’s open-source foundation offers safeguards such as transparent code, forking ability, and community governance, but SchedMD’s control gives Nvidia soft...
code
Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
Key takeaways: Attackers rapidly leveraged the Claude Code packaging error incident to distribute credential-stealing malware using fake GitHub repositories. This demonstrates how quickly threat actors can...
SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code
SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code Pierluigi Paganini April 01, 2026 SentinelOne AI stopped a LiteLLM...
Anthropic accidentally leaks Claude Code
Anthropic accidentally leaks Claude Code Pierluigi Paganini March 31, 2026 Anthropic accidentally exposed Claude Code source via npm, causing the...
Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution
Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution Pierluigi Paganini March 30, 2026 Attackers are exploiting a critical...
Try our new dimensional analysis Claude plugin
We’re releasing a new Claude plugin for developing and auditing code that implements dimensional analysis, a technique we explored...
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than...
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware Pierluigi Paganini March 24, 2026 North Korea-linked threat...
How to Enroll a Code Signing Certificate in Sectigo Certificate Manager?
Home » How to Enroll a Code Signing Certificate in Sectigo Certificate Manager? The process for allowing organizations to...
Amazon Lost 6.3 Million Orders to Vibe Coding. Your SOC Is Next.
The software industry has a new word for the torrent of low-quality, AI-generated code flooding production systems: slop. Merriam-Webster...
How to Download and Install SafeNet Authentication Client for Sectigo Code Signing Certificates?
Home » How to Download and Install SafeNet Authentication Client for Sectigo Code Signing Certificates? When using a hardware...
Ring doorbells: Won’t you see my neighbor? (Lock and Code S07E05)
This week on the Lock and Code podcast… On February 8, during the Super Bowl in the United States,...
CISOs in a Pinch: A Security Analysis of OpenClaw
Anthropic's Claude Code Security is a legitimate leap forward for pre-deployment vulnerability detection - and the market sell-off (Cybersecurity ETF...
Claude code abused to steal 150GB in cyberattack on Mexican agencies
Claude code abused to steal 150GB in cyberattack on Mexican agencies Pierluigi Paganini March 01, 2026 Hackers abused Claude Code...
Untrusted repositories turn Claude code into an attack vector
Untrusted repositories turn Claude code into an attack vector Pierluigi Paganini February 25, 2026 Flaws in Anthropic’s Claude Code could...
