Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

LiteLLM loses game of Trivy pursuit, gets compromised

Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the ...
Outlook Business

Claude Source Code Leaked Again: Anthropic Says No Customer Data Compromised

Anthropic accidentally leaked over 500,000 lines of Claude Code source code via an npm source map, exposing internal APIs, ...

Cisco source code stolen in Trivy-linked dev environment breach

Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to ...
Security Boulevard

Trivy Scanner Compromise Explained and What it Means For Your SaaS and CI/CD Security

The Trivy supply chain compromise gave attackers a way to deliver malicious infostealer code. Learn how it happened and ...

5 telltale signs that your phone has been compromised (and how to combat them)

Here are the biggest warning signs that your phone may be hacked, along with the secret codes that can tell you more.