GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...

The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects ...

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...

A single line of Python code was all it took. Developers who ran import lightning after installing versions 2.6.2 or 2.6.3 of ...

Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, cloud credentials, and password vaults across ...

On April 30, two releases of one of the most popular machine learning libraries on the Python Package Index were caught ...

Christian Louboutin presents its Fall 2026 collection, featuring women's footwear and bags inspired by nature and men's designs by Jaden Smith.

ProgramBench tests SWE agents' ability to develop complete software projects holistically from scratch. Claude Opus 4.7, Gemini 3.1 Pro, GPT 5.4 and others score 0% on the new benchmark developed by ...

Another massive supply chain attack is spreading. Hundreds of compromised NPM packages are being detected, with hackers using stolen secrets to create over 2,200 public GitHub repositories, all ...