Sonatype Releases Q1 2026 Open Source Malware Index: Trust Abuse Most Successful Attack Vector

Sonatype®, the leader in AI-driven DevSecOps, today unveiled the Q1 2026 Open Source Malware Index, identifying 21,764 malicious open source packages in the first quarter of the year and bringing the ...
TechJuice

GlassWorm Escapes JavaScript Sandbox to Silently Spread Across Developer Tools

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

OpenAI flags third-party data issue — all macOS users should update now

OpenAI rotated macOS code‑signing certificate after Axios supply chain breach Malicious Axios 1.14.1 pulled into app‑signing ...
Geopolitical Monitor

Distributed Risk: Open-Source Software as Strategic Infrastructure

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw

Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that ...

AI Coding Is Exploding And Application Security Is Accelerating With It

AI coding will accelerate innovation across every industry. That acceleration doesn't diminish application security; ...

The invisible shield: How AI is quietly protecting the software that runs your life

Last week, something alarming happened in the world of software — and almost nobody outside the tech industry noticed. A ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...
SecurityWeek

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.