Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

Stop using bloated tools—these 5 tiny open-source apps quietly solve problems nobody else bothers to fix and do more with ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

A critical pre-authentication SQL injection vulnerability in BerriAI’s LiteLLM Python package came under active exploitation ...

Relief on the road to Aberdeen became an encounter with gunmaking, Roman legions, Monty Python - and the uneasy proximity of ...

DeepSeek V4 arrives in Pro and Flash variants with a 1M token context window, lower inference costs, and a stronger push into ...

Bybit and 1Token opened registration for an Institutional Strategy Championship offering up to US$10 million in interest-free ...

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

Anthropic fixed a significant vulnerability in Claude Code's handling of memories, but experts caution that memory files will ...

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...