Opinion

Project Glasswing and open source software: The good, the bad, and the ugly

While Anthropic claims its Claude Opus 4.6 can barely find zero-days, Mythos Preview can pop up working exploits 72.4 percent of the time. It's a good thing Anthropic has limited its use for now; if ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Top open source AI platform Flowise hit by maximum-level security issue

Flowise AI platform carried CVSS-10 arbitrary code flaw Vulnerability in CustomMCP node exploited in the wild Up to 15,000 ...

OpenAI flags third-party data issue — all macOS users should update now

OpenAI rotated macOS code‑signing certificate after Axios supply chain breach Malicious Axios 1.14.1 pulled into app‑signing ...
Silicon Canals

One maintainer, one compromised laptop: How North Korean hackers hijacked the Axios open source project

In early April 2025, security researchers confirmed that North Korean state-sponsored hackers had successfully compromised the Axios HTTP library. It is one ...

Anthropic’s biggest AI leak yet: How Claude Code spill exposed secrets and sparked chaos

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...
NYU Tisch School of the Arts

Bairui Su’s ITP Thesis Project "Recho Notebook" to be presented at CHI 2026

Recho Notebook, an ITP thesis project by Bairui Su (ITP '25), is a new open-source coding environment designed for algorithms and ASCII art.
Cyber Daily

Anthropic, partners announce Project Glasswing cyber security initiative

Amazon, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks all sign on ...
Developer Tech

AI code scanners halt Internet Bug Bounty payouts

The Internet Bug Bounty program has paused new submissions, citing a massive expansion in vulnerability discovery by AI code ...
Geopolitical Monitor

Distributed Risk: Open-Source Software as Strategic Infrastructure

The 2024 XZ incident illustrates how open-source software (OSS) has become strategic infrastructure in the global economy, ...
Cyber Daily

Your developers work for cyber gangs

In-house software built in March with open-source components may include malware placed there by criminals. This isn’t a ...
Enterprise Times

Security and AI news from the week beginning 30 March 2026

Anthropic and OpenAI just can't stay out of the news, which must be fun for their PR teams. This week, Anthropic accidentally ...