I don't really know why, though.

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

Discover 24 best free AI tools for 2026, from chatbots to video and coding, that actually work without paywalls or credit ...

Karpathy proposes something simpler and more loosely, messily elegant than the typical enterprise solution of a vector ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem.

The source code of Anthropic's CLI tool Claude Code was accidentally made publicly accessible via a source map in the npm registry.

OpenAI has launched a plugin marketplace for Codex with over 20 integrations from Slack, Figma, and Notion, adding enterprise governance controls.

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

If you work with AI APIs and local LLMs, there's a good chance you've at least heard of LiteLLM. It's one of the most popular Python libraries for interacting with large language models, offering a ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

This started as a side project because I wanted to see battery %, dock state, and sidetone levels without running the official Astro software in the background. That turned into reverse-engineering ...

Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Despite more than a month after ...