A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

A researcher flagged the issue on 31 March 2026, and the code has since been archived on multiple public repositories, ...

A widely used JavaScript package used with over a hundred million weekly downloads has been compromised in a new supply chain ...

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...

Rutherford County Library System Dir. Luanne James recently took a 1st Amendment stand on children's LGBTQIA books that could ...

A Tennessee library board will meet Monday to consider firing a library director who refused to remove more than 100 LGBTQ+ ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Supply chain attacks are increasing in volume, but open source vulnerabilities continue relatively unnoticed.

It allows developers to treat text as a fluid substance that can be recalculated every single frame without dropping a beat.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...