Malicious open source packages reach 1.346 million as attackers abuse trusted software, release paths, and developer ...

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

An unknown malware slinger targeting open source software developers via Slack impersonated a real Linux Foundation official ...

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, ...

European digital assets have a habit of not staying European. A 'Buy European' label is not a sovereignty guarantee unless it ...

“Taught Claude Cowork to use NotePlan. It’s creating daily, weekly, and monthly notes. It’s creating notes that act as ...

Anthropic and OpenAI just can't stay out of the news, which must be fun for their PR teams. This week, Anthropic accidentally ...