In recognition of 21 GenAI risks, the standards groups recommends firms take separate but linked approaches to defending ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

And it’s not the only one: OpenAI warned in December that its upcoming models posed a “high” cybersecurity risk. Experts have ...

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Overview: Cybersecurity in 2026 requires strong knowledge of programming languages to handle advanced and AI-based threats.Python, JavaScript, and system-level ...

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

RSAC 2026 The now-infamous Anthropic report about Chinese cyberspies abusing Claude AI to automate cyberattacks was a ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...