Supply chain attacks feel like they're becoming more and more common.

Every conversation you have with an AI — every decision, every debugging session, every architecture debate — disappears when ...

Microsoft ships Agent Framework 1.0 but Azure's agent stack still spans too many surfaces while Google and AWS offer cleaner developer paths.

Lior Alexander is the CEO of AlphaSignal. The platform has over a quarter of a million subscribers and generates 200 million ...

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Anthropic leaked 512,000 lines of Claude Code source code through a packaging error, exposing security logic and internal ...