Yesterday, I wrote about a 2-year-old open-source hardware ESP32-based DAB+ receiver project, but it turns out there's also a ...

Samsung is sunsetting its own chat app while Apple adds end-to-end encryption to its already-live RCS, hinting that the final texting firewall might soon drop. Meanwhile, Cloudflare drafts a ...

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

A newly developed bioinformatics tool, MPGK, integrates Mendelian randomization, polygenic risk score, Gene Ontology, and the ...

After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

The stolen credentials also granted access to the Google Cloud storage buckets within the tenant project in which a Vertex ...

Anthropic accidentally exposed over half a million lines of its Claude Code, triggering a rapid global effort to copy and ...