Sonatype®, the leader in AI-driven DevSecOps, today unveiled the Q1 2026 Open Source Malware Index, identifying 21,764 malicious open source packages in the first quarter of the year and bringing the ...
GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.
OpenAI rotated macOS code‑signing certificate after Axios supply chain breach Malicious Axios 1.14.1 pulled into app‑signing ...
The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...
Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that ...
Last week, something alarming happened in the world of software — and almost nobody outside the tech industry noticed. A ...
Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...
OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.
Researcher Haifei Li, founder of the exploit detection platform EXPMON, discovered a sophisticated attack that uses PDF files to spy on and potentially ...
Spread the loveIn a chilling reminder of the vulnerabilities inherent in open source software, two significant supply chain attacks occurred in March 2026, targeting widely used tools that affect a ...
Adobe Acrobat and Reader users are under attack from hackers using a zero-day vulnerability. Update within 72 hours, Adobe ...
Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results