The hacker group TeamPCP uploaded two malicious versions of the popular Python library LiteLLM to PyPI. Using a previously compromised version of the vulnerability scanner Trivy, the attackers stole ...

Another massive supply chain attack is spreading. Hundreds of compromised NPM packages are being detected, with hackers using stolen secrets to create over 2,200 public GitHub repositories, all ...

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...

The deal gives Anthropic tighter control over how developers connect Claude to software and business systems as AI vendors ...

Articraft transforms the creation of articulated 3D assets into a programmatic, code-generation workflow powered by LLMs. Engineered for large-scale dataset generation, it bypasses heavyweight manual ...

Thousands of software development teams whose CI/CD pipelines depended on LocalStack’s free community edition lost access to ...

Grabbing data from the internet is much easier when you skip the coding part.

Microsoft flagged a Mistral AI hack as a supply-chain attack that hid malware in a fake AI library on PyPI. Here's what ...

Google reported the first confirmed AI-assisted zero-day exploit, raising new concerns about logic flaws, supply chain risk, ...

A free, self-hosted voice-cloning studio built by Jamie Pine, the Canadian developer behind the Spacedrive file manager, has ...

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...