The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...

Seal Security today announced the Mythos Readiness Program, a limited-availability initiative for enterprises that are not part of Anthropic's private Project Glasswing review of Claude Mythos Preview ...

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

OpenAI said a GitHub Actions workflow involved in signing Mac applications downloaded and executed a malicious version of ...

Malicious open source packages reach 1.346 million as attackers abuse trusted software, release paths, and developer ...

Harper 5.0 launches with an open-source core, RocksDB support, and a unified runtime for AI agents—cutting latency and ...

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

An unknown malware slinger targeting open source software developers via Slack impersonated a real Linux Foundation official ...

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, ...

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...