The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

This shouldn’t work—but it absolutely does.

Truelist releases 20+ free, open-source SDKs and framework integrations for email validation — Node, Python, React, ...

Anthropic exposed Claude Code source on npm, revealing internal architecture, hidden features, model codenames, and fresh ...

Free cryptographically verified code quality scoring for software procurement. The best software wins. Not the best ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Malwarebytes discovered Infiniti Stealer - a new piece of malware targeting macOS devices.

The Java ecosystem has historically been blessed with great IDEs to work with, including NetBeans, Eclipse and IntelliJ from JetBrains. However, in recent years Microsoft's Visual Studio Code editor ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...