OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

The IT security company NetKnights has released version 3.13 of its multi-factor authentication software, privacyIDEA ...

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. Earlier today, the ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...

The Python Package Index (PyPI) has introduced new protections against domain resurrection attacks that enable hijacking accounts through password resets. PyPI is the official repository for ...

Cybersecurity researchers have found harmful software in the official Python Package Index (PyPI) and npm package repositories, putting software supply chains at risk. The packages, called termncolor ...

Threat researchers have come across two malicious Python packages offered as resources for integrating the Chinese AI model DeepSeek into software projects. The malicious packages, named ‘deepseeek’ ...

The administrators of the Python Package Index (PyPI) have begun an effort to improve the hundreds of thousands of software packages that are listed. The attempt, which began earlier last year, is to ...

Managing libraries for Arduino boards has traditionally been a time-consuming and error-prone process. Developers often had to manually search for, download, and configure libraries, which could be ...