A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Mark Collier briefed me on two updates under embargo at KubeCon Europe 2026 last month: Helion, which opens up GPU kernel ...

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

If you're paying for software features you're not even using, consider scripting them.

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A routine software update for Anthropic's Claude Code tool accidentally leaked its entire source code, sparking rapid ...

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package ...