Earlier this month, OpenAI updated ChatGPT’s mobile app to include remote access to Codex for Mac. Starting today, ChatGPT ...

The Agent Governance Toolkit brings runtime policy enforcement to autonomous agents, targeting the OWASP top 10 agent risks.

A serious security vulnerability in a widely used open-source Python component could put a large number of AI agents ...

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

The Cloud Native Computing Foundation (CNCF) announced the graduation of OpenTelemetry, an open source observability framework designed to standardize telemetry data collection and processing, marking ...

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

Sometime around the last week of May 2026, attackers uploaded poisoned packages to three of the most widely used software ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...

Open-source repositories are collapsing under the strain of 10 trillion downloads annually. All the major repositories are joining together to tackle this problem. While a lack of funds is a major ...

Anthropic today updated Claude with new connectors aimed at creative professionals, adding integrations for Ableton, Adobe, Affinity, Autodesk Fusion, Blender, Resolume Arena and Wire, SketchUp, and ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...