A researcher has published a Windows zero-day exploit called BlueHammer on GitHub after Microsoft's Security Response Center ...

A former Azure engineer has alleged Microsoft's cloud platform has relied on manual fixes since 2008, with a talent exodus ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Anthropic leaked 512,000 lines of Claude Code source via npm, its second security lapse in days as the $350B startup eyes a ...

THE SAVANNAH GHOST PIRATES ARE IN THE THICK OF THE PLAYOFF RACE AS THEY BEGIN A LONG ROAD SWING. SPORTS DIRECTOR AMY ZIMMER BREAKS DOWN THE PIVOTAL STRETCH WITH HEAD COACH JARED STAAL IN THIS WEEKS ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

Supply chain attacks feel like they're becoming more and more common.

GitHub now allows developers to manage secret scanning push protection exemptions directly from repository settings, bypassing organization-level configurations. GitHub has rolled out repository-level ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...

OpenAI’s top executives are finalizing plans for a major strategy shift to refocus the company around coding and business users, recognizing that a “do everything all at once” strategy has put them on ...

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...