IBM and Red Hat launch Lightwell to defend open-source code from AI attacks ...
Stolen and leaked credentials lead to Node.js packages from AsyncAPI and Jscrambler Code Integrity being poisoned with ...
North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
Hosted on MSN
Chainguard's new Athena coalition uses AI to fix open-source flaws before attackers exploit them
Chainguard will use AI to protect open-source code. Athena pools open-source users, developers, and maintainers. Others are also using AI to secure open-source code. As everyone in IT knows, or should ...
In a photo taken on June 14, 2018, students wearing Korean People's Army (KPA) uniforms sit before computer screens as they attend a class at the Mangyongdae Revolutionary School outside Pyongyang.
Capital One has open-sourced VulnHunter, an AI security tool that finds exploitable code flaws, maps attack paths and helps ...
Community-run Swift package search engine and metadata index Swift Package Index is joining Apple, but says little is changing for developers in the near term. Here are the details. Most Swift ...
The Swift Package Index is no longer independent as Apple has taken control, but it will remain an open source search engine for third-party code. The Swift Package Index gave developers one trusted ...
The Jscrambler client-side web security company disclosed that a threat actor published a malicious version of its npm ...
Cardano wallet SecondFi traced the incident to an address-level issue and secured 129 million ADA after attackers drained funds from 374 addresses. A vulnerability in Cardano-based wallet SecondFi ...
Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that ...
JFrog finds 148 npm proxy packages turned student browsers into a DDoS botnet, while a mutable loader lets operators re-arm ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results