Endor Labs launches AURI, a free security platform that embeds directly into AI coding assistants like Cursor and Claude to catch vulnerabilities in AI-generated code before they ship to production.

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Meet Oblivion, the new RAT malware that bypasses Android security to gain full device control: Here's how it works and how to stay safe.

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.

ActiveState, a global leader in open source language solutions and secure software supply chain management, today announced it has grown its catalog of secure open source components to 79 million, ...

NPM, the Node Package Manager, hosts millions of packages and serves billions of downloads annually. It has served well over the years but has its shortcomings, including with TypeScript build ...

Researchers have published the recipe for an artificial-intelligence model that reviews the scientific literature better than some major large language models (LLMs) are able to, and gets the ...

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux. On Windows, an ...

Tether has released an open-source operating system for bitcoin mining, pitching it as a way to make running mining infrastructure simpler while reducing reliance on closed, vendor-controlled software ...

Tether has unveiled MiningOS (MOS) as part of a broader push to reduce the industry’s reliance on proprietary, vendor-controlled software. Tether has open-sourced a new operating system for bitcoin ...

House Democrats have informed GOP leaders they will not help pass a funding package through a fast-track process, a source familiar with the matter confirmed to The Hill — complicating Speaker Mike ...

Malicious open source software packages have become a critical problem threatening the software supply chain. That’s one of the major takeaways of a new report titled “State of the Software Supply ...