Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...
How AI has suddenly become much more useful to open-source developers ...
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...
Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
AI recruiting startup Mercor confirms supply chain attack via LiteLLM library compromise. Hackers claim 4TB of data including ...
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...
The source code of Anthropic's CLI tool Claude Code was accidentally made publicly accessible via a source map in the npm ...
A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...