India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack ...

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...

Copycat hackers are competing to win $1,000 for the largest supply chain attack using Shai-Hulud, an open-sourced worm that has brought down a few major open-source projects. Malicious NPM packages ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a ...

OpenAI confirmed on Wednesday that it found no evidence suggesting user data was compromised following a security incident ...

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...

Abstract: The open-source software (OSS) ecosystem suffers from security threats caused by malware. However, OSS malware research has three limitations: a lack of high-quality datasets, a lack of ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, ...

Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to ...

A 13-block chain reorganization on LTC $54.43 late Friday and Saturday rewound roughly 32 minutes of network activity after attackers used a vulnerability in its Mimblewimble Extension Block (MWEB) ...