Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...

You can now send Codex tasks from your phone even when your Mac is locked

OpenAI's Codex can now use apps on your Mac remotely from your phone, even when the screen is off and the Mac is locked. Here's how it works and what to keep in mind.
Communications of the ACM

Faults and Pitfalls in Implementing the Right to be Forgotten

This practice had to change when the European Union introduced Right to be Forgotten (RTBF)—first in 2014, as a standalone ...
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

‘Fuck you, Bambu’: How one private message could change the face of 3D printing

Thousands are daring Bambu to take legal action.

GitHub investigates internal repositories breach claimed by TeamPCP

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...
Virtualization Review

Google I/O '26 Fills Out Enterprise Agent Stack with Managed Agents, ADK 2.0

Google followed its Cloud Next '26 Gemini Enterprise Agent Platform rollout and its Antigravity CLI transition with a broader I/O 2026 agent-development stack spanning Agent Studio, Managed Agents API ...
CNET

Leave Those Laptops at Home. OpenAI Adds Codex to ChatGPT Mobile App

Out in the real world, with Codex in the ChatGPT mobile app, users can accomplish tasks without juggling a laptop or having ...

OpenAI Finally Adds Codex Remote Access to ChatGPT Mobile App

OpenAI has integrated Codex into the ChatGPT mobile app, allowing users on iOS and Android to remotely manage coding agents.
Security Boulevard

Three CVEs and the May 2026 Exploit Chain Nobody’s Taking Seriously

May 2026 dropped three critical Linux vulnerabilities on a near-weekly cadence, and the security discourse has mostly treated them as three separate bad days. They’re not. Together they form a ...
InfoQ

Accelerating LLM-Driven Developer Productivity at Zoox

Amit Navindgi discusses the systematic shift at Zoox from fragmented documentation to an AI-driven ecosystem. He explains how ...
SecurityWeek

Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware

CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...