The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

Spread the loveIn a troubling escalation of cyber threats, the past 48 hours have witnessed a significant surge in attacks targeting both software supply chains and individuals. Security researchers ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Samsung is sunsetting its own chat app while Apple adds end-to-end encryption to its already-live RCS, hinting that the final texting firewall might soon drop. Meanwhile, Cloudflare drafts a ...

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...

RippleX joins MoonPay's Open Wallet Standard Hackathon with XRPL and RLUSD challenge tracks targeting agentic finance and ...

On Wednesday, Cisco issued nine security advisories. They address partly critical vulnerabilities in several products.