North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
IBM and Red Hat launch Lightwell to defend open-source code from AI attacks ...
A newly-disclosed exploit in Claude Code’s ‘auto-mode’ leaves developers facing remote code execution (RCE) vulnerabilities ...
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...
Slopsquatting represents an emerging supply chain threat made possible by AI hallucinations. As developers increasingly rely ...
Socket found a compromised Injective npm package stealing wallet keys amid rising crypto supply chain attacks.
Unknown attackers compromised Injective Labs' GitHub repo to publish npm package 1.20.21, which steals wallet private keys ...
Malicious jscrambler 8.14.0 runs hidden binaries during npm install on Windows, macOS, and Linux, with no fix available as of ...
Cybersecurity researchers at ESET identify big rise in suspicious and malicious toolsets which put users at risk from ...