North Korean-linked hackers planted malicious code in widely used open-source software in an attempt to steal login ...

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...

A researcher flagged the issue on 31 March 2026, and the code has since been archived on multiple public repositories, ...

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.

The weekly Friday gathering gives students a place to build ambitious personal projects across disciplines, and members say ...

By AJ Vicens March 31 (Reuters) - Hackers linked to North Korea breached behind-the-scenes software that runs many common ...

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...

Authentication Failures (A07) show the largest gap in the dataset: a 48-percentage-point difference between leaders and the field. Leaders fix at nearly 60%, while the field sits at roughly 12%.

The Solana Foundation says it has enhanced its security protocols days after decentralized finance (DeFi) platform ...

The hackers targeted Axios, a program that connects apps and web services, by adding their own malicious software to an ...

With Go, Ovejero points to a recurring class of bugs around nil handling. Go does not distinguish between nillable and ...

For years, the DeFi industry has treated security as a technical problem: something that could be solved with better code. But the Drift incident suggests something far more complex: that the real ...