On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Google Threat Intelligence Group warns of active supply chain attack on npm’s Axios library Malicious dependency ...

Anthropic accidentally exposed over half a million lines of its Claude Code, triggering a rapid global effort to copy and ...

A routine software update for Anthropic's Claude Code tool accidentally leaked its entire source code, sparking rapid ...

Neovim 0.12 introduces a native plugin manager and puts an end to "Press ENTER". The goal is an out-of-the-box editor.

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package ...

Reimaging professional and educational practices for an AI-augmented future.

TeamPCP strikes again, with almost identical code to LiteLLM.

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.