Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Anthropic goes nude, exposes Claude Code source by accident

Would you like a closer look at Claude? Someone at Anthropic has some explaining to do, as the official npm package for ...

Major compromise of the telnyx PyPI library could put millions of users at risk

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that deployed infostealer and persistence mechanisms Users advised to downgrade, ...