Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical ...

The forgotten endpoint problem isn't a sophisticated supply chain attack or a novel vulnerability. It's basic blocking and ...

Gaming firms prioritise senior tech talent as AI shifts hiring toward skills-based recruitment models globally and in SA.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

The stolen credentials also granted access to the Google Cloud storage buckets within the tenant project in which a Vertex ...

After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...