Apr 15 · 6 min read · In January and February 2026, security researchers filed 30 CVEs against MCP servers in just 60 days. Among 2,614 surveyed implementations, 82% were vulnerable to path traversal. The worst offender, CVE-2025-6514, scored a CVSS 9.6 for remote code ex...
Join discussionApr 15 · 6 min read · In January and February 2026, security researchers filed 30 CVEs against MCP servers in just 60 days. Among 2,614 surveyed implementations, 82% were vulnerable to path traversal. The worst offender, CVE-2025-6514, scored a CVSS 9.6 for remote code ex...
Join discussionMar 26 · 5 min read · 📋 Top Headlines at a Glance DataBahn brings AI-driven intelligence into the security pipeline WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites GitHub adds AI-powered bug detection to expand security coverage Alleged RedLine i...
Join discussion
Mar 20 · 5 min read · 📋 Top Headlines at a Glance International joint action disrupts world’s largest DDoS botnets Semgrep Multimodal brings AI reasoning and rule-based analysis to code security Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation DoJ Di...
Join discussion
Mar 2 · 5 min read · One in five AI-generated code samples recommends a package that does not exist. Attackers are registering those phantom names on npm and PyPI with malware inside. The term for this is slopsquatting, and it is already happening. What Slopsquatting Act...
Join discussionFeb 17 · 4 min read · How to Protect Your Code Repository from Supply Chain Attacks in 2026 Supply chain attacks have become the most dangerous threat facing developers. In 2025 alone, over 700,000 malicious packages were detected across npm, PyPI, and other registries. T...
Join discussionFeb 17 · 4 min read · How to Protect Your Code Repository from Supply Chain Attacks in 2026 Supply chain attacks have become the most dangerous threat facing developers. In 2025 alone, over 700,000 malicious packages were detected across npm, PyPI, and other registries. T...
Join discussionFeb 17 · 5 min read · Dark Web Monitoring for Developers: Safeguarding Credentials and Code Repositories In the fast-paced world of software development, security is paramount. Developers are often entrusted with access to sensitive systems, proprietary code, and critical...
Join discussionJan 29 · 6 min read · 💡 Learning Objective: Defining SAST and why traditional SAST tools miss the semantic logic of AI code 📚 Category: Basics 📢 TL, DR: While Dynamic Testing (DAST) finds vulnerabilities in running apps, Static Testing (SAST) is required to secur...
Join discussionDec 11, 2025 · 2 min read · QR codes have become a major part of our everyday digital life. From restaurant menus and payment apps to event check-ins and online shopping, people use QR codes because they are quick, simple, and convenient. But as their popularity grows, so do th...
Join discussion
