Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

Better way to master Python.

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

TeamPCP strikes again, with almost identical code to LiteLLM.

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

Engineers from OLX reported that a single-line modification to dependency requirements allows developers to exclude unnecessary GPU libraries, shrinking contain ...

Mark Collier briefed me on two updates under embargo at KubeCon Europe 2026 last month: Helion, which opens up GPU kernel ...

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply chains.

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks.

Integrated into platforms like Proton Docs or OpenProject, the Euro-Office component enables real-time editing of documents, spreadsheets, and presentation files while supporting multiple formats.