With Anthropic rushing to wipe out the Claude Code leak, hackers are posting malware-laden files on GitHub that they claim are special, unlocked versions of the AI tool.

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Anthropic leaked 512,000 lines of Claude Code source via npm, its second security lapse in days as the $350B startup eyes a ...

This technique can be used out-of-the-box, requiring no model training or special packaging. It is code-execution free, which ...

Another big drawback: Any modules not written in pure Python can’t run in Wasm unless a Wasm-specific version of that module ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

More open-source developers are finding that, when used properly, AI can actually help current and long-neglected programs.

TeamPCP strikes again, with almost identical code to LiteLLM.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

The Chicago Urban Heritage Project​ is filling in blanks for the history of entire neighborhoods and Chicago as a whole, ...