Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Uploads bring prompts and responses, but not project files, attachments, or AI-generated images. The rollout skips the UK, ...

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

AI recruiting startup Mercor confirms supply chain attack via LiteLLM library compromise. Hackers claim 4TB of data including ...

Most people never see malware—but after decades of testing it, I can show you exactly what it looks like.

Mikko Hyppönen is one of the most recognizable faces of the cybersecurity industry. After fighting computer viruses, worms, ...

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...