The Tech Edvocate

Supply Chain Attacks Target Popular Open Source Tools: A Growing Threat

Spread the loveIn a chilling reminder of the vulnerabilities inherent in open source software, two significant supply chain attacks occurred in March 2026, targeting widely used tools that affect a ...
NYU Tisch School of the Arts

Bairui Su’s ITP Thesis Project "Recho Notebook" to be presented at CHI 2026

Recho Notebook, an ITP thesis project by Bairui Su (ITP '25), is a new open-source coding environment designed for algorithms and ASCII art.

Project Glasswing aims to secure the world’s software, and Anthropic’s mythology

Anthropic is pitching Project Glasswing as a cybersecurity breakthrough, but the first battle may be getting everyone to believe in the legend of Claude Mythos| Business News ...
Nextgov

Anthropic’s Glasswing initiative raises questions for US cyber operations

Intelligence officials and industry are weighing how Claude Mythos Preview could reshape hacking and cyberdefense. The ...
Cyber Daily

Anthropic, partners announce Project Glasswing cyber security initiative

Amazon, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks all sign on ...

Top open source AI platform Flowise hit by maximum-level security issue

A 10/10 Flowise bug was patched, but is now being abused in the wild.

Anthropic’s biggest AI leak yet: How Claude Code spill exposed secrets and sparked chaos

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
Developer Tech

AI code scanners halt Internet Bug Bounty payouts

The Internet Bug Bounty program has paused new submissions, citing a massive expansion in vulnerability discovery by AI code ...
Silicon Canals

One maintainer, one compromised laptop: How North Korean hackers hijacked the Axios open source project

In early April 2025, security researchers confirmed that North Korean state-sponsored hackers had successfully compromised the Axios HTTP library. It is one ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...