The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

DCI lets AI agents search raw files with grep and bash instead of embeddings — boosting accuracy 11 points and cutting retrieval costs 30% on complex tasks.

Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...

If reinstalling software feels repetitive, these tools have some ideas.

If you've used Linux, you've undoubtedly experienced these problems, so why not take a look?

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite ...

Cryptocurrency developers have become the focus of a new macOS-focused cyber campaign that uses fake recruiter approaches, malicious meeting links and compromised software pipelines to steal digital ...

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

The JP Morgan Chase executive accused of sexually harassing her ex-subordinate and racially discriminating against him has now filed her own lawsuit for defamation. Lorna Hajdini filed the suit ...