Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
The Hacker News

The State of Trusted Open Source Report

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

Ken Chapman & Associates Expands Leadership Training to Spanish-Speaking Workforce

New Capabilities Enables Organizations to Deliver Leadership Development in Spanish, Supporting More Inclusive and ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
GitHub

政府政策文件爬虫系统

这是一个专门用于爬取中国政府网站政策文件的Python爬虫系统。系统包含两个主要模块: 人力资源和社会保障部爬虫 (mohrss_crawler/) - 爬取人社部政策文件 发改委爬虫 (ndrc_crawler/) - 爬取发改委政策文件 系统采用模块化设计,具备完整的日志记录、错误处理、数据 ...

New Infinity Stealer malware grabs macOS data via ClickFix lures

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.