Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Automox MCP Server 2.2 adds interactive review surfaces, Patch by Severity policy creation, and live capability discovery for AI-assisted endpoint operations. AUSTIN, TX, July 07, 2026 (GLOBE NEWSWIRE ...
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
GitGuardian is introducing Developer Endpoint Protection, extending its secrets and non-human identity (NHI) security platform coverage to developer workstations. After 12 months of supply-chain ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
Mistral AI has released Leanstral 1.5 as a free Apache-2.0 model for Lean 4 verification. Lean 4 is a proof-assistant and programming environment for machine-checkable proofs, and proof engineering ...
X has launched a hosted MCP server, making it easier for developers to connect AI applications with the company’s API.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results