Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft ...

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

As of May 2026, the Borderlands 2 and The Pre-Sequel modding landscape has undergone a quiet but profound transformation. The community has moved beyond simple texture swaps and script tweaks, ...

Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...

Whether you want simple fire-and-forget alerts or full two-way control, here's how to securely wire your AI agent into Slack.

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

A malicious Hugging Face repository that reached the platform's trending list impersonated OpenAI's "Privacy Filter" project ...

TL;DR Two malicious versions of the popular PyTorch Lightning package have been uploaded to PyPI following the publisher account’s compromise. Lightning versions 2.6.2 and 2.6.3 (tracked as ...

Why learning to code is easier than you think You don’t need a powerful PC or years of experience to start coding. From Linux command-line tricks to lightweight tools like Dev-C++, learning can be ...

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...