Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

While many proprietary project management tools are available on the market, open-source project management software provides an alternative for those who prefer to use free, customizable, and ...

Now I can use any operating system I want without losing features.