Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

The incident has been described as one of the most significant code leaks in recent times, involving the exposure of Claude ...

AI recruiting startup Mercor confirms supply chain attack via LiteLLM library compromise. Hackers claim 4TB of data including ...

Anthropic is trying to remove details about its coding agent from GitHub, but programmers are converting the code into ...

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

Security teams are scrambling after two malicious releases of the Telnyx Python SDK were uploaded to PyPI on March 27, turning a widely used developer tool into a credential-stealing backdoor that ...

According to Google researchers, a North Korean group tracked as UNC1069 has previously targeted cryptocurrency and ...

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...

AI hiring startup Mercor confirmed it was "one of thousands of companies" affected by the LiteLLM supply-chain attack as the ...