Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

I’ve used plenty, but this one rewired my daily workflow.

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Anthropic’s Claude Code leak reveals how modern AI agents really work, from memory design to orchestration, and why the ...

If you’re wrangling financial data, the choice between PDF and CSV formats can seriously impact your workflow. PDFs look ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...

OpenAI announced they are extending the Responses API to make it easier for developer to build agentic workflows, adding ...

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...