New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Coding in 2026 Shifts Toward Design and AI Agent Oversight

Coding in 2026 shifts toward software design and AI agent management; a six-month path covers Git, testing, and security ...

Under-13s to be allowed on WhatsApp with parental consent

WhatsApp, the messaging service run by Meta, is going to allow under-13s on its platform, as long as they have parental consent.
Security Boulevard

What Is an Exposure Assessment Platform — And Why Your Website Is the Blind Spot

In November 2025, Gartner formalized a new security category — Exposure Assessment Platforms — evaluating 20 vendors on their ability to continuously identify and prioritize The post What Is an ...

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...