Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...

Glia, an intelligent banking interactions platform trusted by over 700 financial institutions, announced today that it has achieved two Amazon Web Services (AWS) Competencies: the AWS AI Competency in ...

TouchPoint partnered with Qlik®, using Qlik Answers® powered by Amazon Bedrock, to build a chatbot interface branded as TouchPointGPT. The system has more than 62,000 pages indexed across 25 knowledge ...

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

Soma Somasegar spent 27 years at Microsoft before joining the Madrona Venture Group.

The malware employs ecosystem-specific techniques for execution. On npm, many packages use post-install hooks to deploy a comprehensive JavaScript payload ...

Anthropic releases Claude Opus 4.8 with dynamic workflows, 1,000 parallel subagents, and 3x cheaper fast mode. Here's what ...

The AWS SDK for JavaScript v3 is a rewrite of v2 with some great new features. As with version 2, it enables you to easily work with Amazon Web Services, but has a modular architecture with a separate ...