NetKnights releases privacyIDEA 3.13 with enhanced passkey functionality and new web interface

The IT security company NetKnights has released version 3.13 of its multi-factor authentication software, privacyIDEA ...
TechAnnouncer

Your Comprehensive Guide to Building a REST API in Python

All in all, your first RESTful API in Python is about piecing together clear endpoints, matching them with the right HTTP ...

CardSight AI Deploys Full Slab Grade Identification Across Five Grading Companies, Launches Market Pricing Data in Beta

Platform now identifies grading company and grade for PSA, Beckett, SGC, CGC, and TAG slabs; new pricing endpoints ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Anthropic Claude source code leak explained: Techie reveals how a 4 am update exposed 512,000 lines of code

A routine software update for Anthropic's Claude Code tool accidentally leaked its entire source code, sparking rapid ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.

Major Security Breach Of Critical AI Dependency Exposes Cloud Secrets

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

Top LLM PyPl package compromised to steal user details

Aqua Security’s Trivy vulnerability scanner compromise is trickling down ...
CBS News

Pete Hegseth says U.S. will hit Iran with its "largest strike package yet"

Defense Secretary Pete Hegseth said Thursday that there will be the "largest strike package yet" in the Iran war after Israel struck an Iranian gas field and Iran retaliated across the region. Hegseth ...
CSOonline

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace checks and silently installing malware onto developers’ systems. Threat ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...