In recognition of 21 GenAI risks, the standards group recommends firms take separate but linked approaches to defending ...
Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...
Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...
Supply chain attacks feel like they're becoming more and more common.
Online fraudsters are using new technology that bypasses security features of UPI apps to carry out financial transactions, cyber intelligence firm CloudSEK claimed in a report. According to the ...