The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...

A Vercel employee's AI tool OAuth grant gave attackers access to internal systems via a four-hop kill chain. Here's what ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

Vercel's CEO reckons the crooks behind its recent breach likely had a helping hand from AI, saying the attackers moved with "surprising velocity" and a deep understanding of the company's ...

See how you can use Tenable Hexa AI to determine in minutes if you’re impacted by the Axios npm supply chain attack. Learn how easy it is to automate configuration of scans, identify impacted assets, ...

Chainguard, the trusted source for open source, today announced a partnership with Cursor, the leading multi-model AI coding platform, to secure the next generation of agentic software development.

Osirus AI today announced the public launch of its enterprise AI platform, built from the ground up by three founders with no outside funding. The platform combines every major AI capability — Chat, ...

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Context.ai breach enabled Google Workspace takeover at Vercel, exposing limited customer credentials and prompting $2M data ...

As supply chain attacks surge and AI lowers the barrier to malware, the cybersecurity unicorn moves security directly onto ...

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks.