GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

Security News This Week: The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers

Plus: Google publishes a live exploit for an unpatched flaw, the feds arrest two men accused of creating thousands of nonconsensual deepfake nudes, and more.
Tech Times

ChatGPT Images Carry Invisible AI Markers Anyone Can Detect: What Users Who Can’t Disclose Gen AI Need to Know

Every image generated through ChatGPT, Codex, or the OpenAI API since May 19, 2026 carries two invisible signals permanently ...
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
SecurityWeek

Open Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker Images

DockSec correlates findings from container security scanners and uses AI to generate remediation guidance and exact Dockerfile fixes.