Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

A simple human mistake has revealed all 500,000+ lines of code that make up Claude Code. How big a deal is that, really?

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Anthropic accidentally exposed over half a million lines of its Claude Code, triggering a rapid global effort to copy and ...

How AI has suddenly become much more useful to open-source developers ...

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

A missed step in a manual deployment process exposed the internal workings of one of AI's hottest coding tools—and briefly ...

Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...

Sonatype®, the leader in AI-driven DevSecOps, today unveiled the Q1 2026 Open Source Malware Index, identifying 21,764 malicious open source packages in the first quarter of the year and bringing the ...

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...