Lovable's API exposed source code and database credentials for 48 days after the company closed a bug report. Up to 62% of AI ...

Corporations strategically control markets with open-source software. The community participates without realizing that the ...

Vercel blamed its breach on an earlier hack at Context AI, which allowed hackers to hijack a Vercel employee's account to ...

The Eclipse Foundation today announced Open VSX Managed Registry , the open source software ecosystem’s first foundation-operated managed service for critical developer infrastructure. Open VSX is the ...

A bug allowed access to chat histories, source code, and customer data in public projects. The vibe-coding platform says the ...

Node.js does not need more theatrical security output. It needs better developer workflow infrastructure. It needs tools that ...

We tested Clym's free, open-source accessibility testing suite. An honest review of what it covers, how it works, and whether ...

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Coordinated AI Agents Deliver a Unified Five-Stage Quality Pipeline, Free and Open Source Under Apache 2.0 License ...

Vercel confirmed that attackers accessed parts of its internal systems via a compromised third-party AI tool that used Google Workspace OAuth.

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects ...

A growing conflict between Nextcloud and OnlyOffice is drawing attention across the open-source community, as both sides ...