The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...

Anthropic's AI coding assistant's source code leaked, prompting swift copyright takedowns on GitHub. However, one engineer ...

Meanwhile, techies are spreading their copies in private Discord servers, weeding through newly discovered features like spinner verbs, coding pets, and the "fucks" chart — so dubbed by Claude Code ...

Anthropic PBC is rushing to address the inadvertent release of internal source code behind Claude Code, an AI-powered ...

Anthropic leaked 512,000 lines of Claude Code source via npm, its second security lapse in days as the $350B startup eyes a ...

Four vulnerabilities in CrewAI could be chained together via prompt injection for sandbox escape, remote code execution, and ...

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...