TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...

A comprehensive, production-ready configuration for Claude Code demonstrating best practices for customization and automation. This is a reference implementation—fork it, steal what you like, adapt it ...

With more and more AI services available globally, it's getting hard to keep them all straight, which is why an app like Noi ...

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static ...

Supply chain attacks feel like they're becoming more and more common.

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Experimental - This project is still in development, and not ready for the prime time. A minimal, secure Python interpreter written in Rust for use by AI. Monty avoids the cost, latency, complexity ...