Hacker hijacks Axios open-source project, used by millions, to push malware

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...
Cybernews

Anthropic inadvertently leaks source code for Claude Code CLI tool

Anthropic, the flagship AI company, has inadvertently exposed the source code for its major CLI tool Claude Code. It has ...
Morning Overview on MSN

Vibe coding’s downsides are piling up, especially for open-source projects

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
CSOonline

More open-source project takeover attempts found after XZ Utils attack

The Open Source Security Foundation (OpenSSF) together with the OpenJS Foundation have identified additional incidents where attackers attempted to social engineer their way into the management of ...
InfoWorld

How to upstream code to open source projects

Upstreaming can improve your code, simplify development, and lighten your maintenance burden. Follow these best practices when donating code and reap the benefits. Code commonly flows downstream, from ...