Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

How AI has suddenly become much more useful to open-source developers ...

The source code of Anthropic's CLI tool Claude Code was accidentally made publicly accessible via a source map in the npm ...

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

Free cryptographically verified code quality scoring for software procurement. The best software wins. Not the best ...