Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Supply chain attacks feel like they're becoming more and more common.

The forgotten endpoint problem isn't a sophisticated supply chain attack or a novel vulnerability. It's basic blocking and ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Opal Security unveils an AI-native platform designed to automate and unify access governance as organizations grapple with ...

A summary of the announcements made by vendors in the days leading up to the RSAC 2026 Conference. As hundreds of vendors ...

The stolen credentials also granted access to the Google Cloud storage buckets within the tenant project in which a Vertex ...

RSAC 2026 The now-infamous Anthropic report about Chinese cyberspies abusing Claude AI to automate cyberattacks was a ...

After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...