Anthropic disclosed that Project Glasswing has uncovered over 10,000 high- or critical-severity vulnerabilities across systemically important software since launching last month. About 50 partner organizations are using Claude to autonomously scan codebases, marking a significant milestone in AI-powered security research.
Alibaba.com launched Accio Work in Pakistan, an agentic AI business platform for small and medium exporters. The autonomous, plug-and-play system handles end-to-end business operations, from sourcing to logistics, as Pakistan's IT exports hit a record $3.8 billion in FY25.
Pakistan Software Houses Association released policy recommendations for the Federal Budget 2026-27, demanding structural tax reforms to level the playing field between registered IT companies and remote freelancers operating outside the tax net.
US lawmakers in both houses of Congress are demanding answers from CISA after a contractor intentionally published AWS GovCloud keys and agency secrets on a public GitHub repo. CISA is still scrambling to contain the breach and invalidate leaked credentials.
A maximum-severity vulnerability (CVE-2026-48172, CVSS 10.0) in LiteSpeed's cPanel plugin is being actively exploited in the wild. The flaw allows any cPanel user to run arbitrary scripts with root privileges through incorrect privilege assignment.
633 malicious npm package versions passed Sigstore provenance verification after attackers compromised maintainer accounts and generated valid signing certificates. The attack highlights that provenance attestation only verifies build origin, not publisher intent - trust still depends on account security.
Multiple PHP packages in the Laravel-Lang project were compromised to deliver a cross-platform credential-stealing framework. The affected packages (lang, http-statuses, attributes, actions) were injected with malicious code through freshly published tags.