The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...

Open-source software powers a significant share of modern business infrastructure, yet many critical projects remain ...

Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

Today, Liquibase is proud to release the open source Liquibase CVE Library (Common Vulnerabilities and Exposures Library) to ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...

Meteor CTO Henrique Schmaiske led the framework's largest release in over a decade, removing Fibers and migrating to async/await across 2,300 commits while keeping 500,000+ active installations stable ...

Adblock for YouTube has over 11 million installations. However, it can inject script code into any page uncontrollably.

The popular Mastra AI framework, used to build artificial intelligence agents, workflows and retrieval-augmented generation ...

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...

July 2026, blocking install scripts, Git dependencies, and remote URL sources by default. Every team running npm install in ...

Figma Config 2026 closed Thursday with Code Layers for GitHub-linked canvas editing, Figma Motion in open beta with CSS and ...