A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...

The $10 million THORChain exploit was caused by a vulnerability in its GG20 signing framework, which allowed the hacker to ...

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a ...

OpenAI confirmed on Wednesday that it found no evidence suggesting user data was compromised following a security incident ...

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...

Microsoft CEO Satya Nadella was asked point-blank by a Wall Street analyst on Wednesday how its revised OpenAI partnership would impact Microsoft’s financials. He said that the new agreement was a ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...

Chinese companies have embraced making their most advanced artificial intelligence models available to all. The Chinese start-up DeepSeek shook the industry in January 2025 with its claim that it had ...

A major decentralized finance (DeFi) hack could prompt Wall Street firms to reassess the pace of their blockchain and tokenization efforts, a Jefferies analyst wrote in a report. The note follows a ...

A roughly $292 million exploit over the weekend has rattled the crypto industry, exposing vulnerabilities in decentralized finance (DeFi) infrastructure and raising concerns about knock-on effects ...