Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
The forgotten endpoint problem isn't a sophisticated supply chain attack or a novel vulnerability. It's basic blocking and ...
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography on March 27, 2026, enabling cross-platform credential theft.
The stolen credentials also granted access to the Google Cloud storage buckets within the tenant project in which a Vertex ...
The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Gaming firms prioritise senior tech talent as AI shifts hiring toward skills-based recruitment models globally and in SA.
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
LangChain and LangGraph have patched three high-severity and critical bugs.
Anthropic is trying to remove details about its coding agent from GitHub, but programmers are converting the code into ...