Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities ...
The Hacker News

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by February 12, 2026.
GitHub

alibaba/sec-code-bench

SecCodeBench is a benchmark suite for evaluating the security of AI-generated code, specifically designed for modern Agentic Coding Tool. It is jointly developed by Alibaba Group in collaboration with ...
Security Boulevard

SAML vs LDAP: Protocol Comparison for Authentication & Directory Services

Deep dive comparison of SAML and LDAP for CTOs. Learn the differences in authentication, directory services, and how to scale Enterprise SSO.
InfoWorld

TypeScript levels up with type stripping

Say goodbye to source maps and compilation delays. By treating types as whitespace, modern runtimes are unlocking a “no-build” TypeScript that keeps stack traces accurate and workflows clean.
CSO Online

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.
InfoQ

Microsoft Releases Azure Functions Support for Model Context Protocol Servers

Microsoft has launched its Model Context Protocol (MCP) for Azure Functions, ensuring secure, standardized workflows for AI ...
Analytics Insight

10 Java & Spring Boot Trends to Watch in 2026

Overview: Cloud-native and microservices architectures are becoming even more central to modern applications, with Java and ...