New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...
DataBreachToday

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

Etherpad 2.7.0: Collaborative web editor without cloud dependency

Etherpad is a self-hostable web editor written in Node.js for real-time collaborative writing – functionally comparable to ...
GamingOnLinuxOpinion

Colorado Age Attestation bill gets amendments to have open source excluded

Carl Richell, the Founder and CEO of System76, has given an update on the upcoming Colorado Age Attestation bill that's seen ...
CSO Online

Bitwarden CLI password manager trojanized in supply chain attack

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Microsoft issues emergency update for macOS and Linux ASP.NET threat

Microsoft released an emergency patch for its ASP.NET Core to fix a high-severity vulnerability that allows unauthenticated ...
heise online

Twenty 2.0: The open-source CRM follows up

With version 2.0.0, the open-source CRM Twenty receives a comprehensive update. The release focuses on AI integration, ...

Another npm supply chain worm is tearing through dev environments

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...

Fastino Launches Pioneer, the First Agent for Fine-tuning and Inference of LLMs

Pioneer turns language model development and fine-tuning from a months-long, expert-driven workflow into a single prompt and introduces adaptive inference, a new category in model serving where ...

Built for a hostile internet: Canonical VP of Engineering on Ubuntu 26.04 LTS

Built for a hostile internet: Canonical VP of Engineering on Ubuntu 26.04 LTS ...
The Next Web

Belfast’s Cloudsmith raises $72M Series C to secure the AI-generated software supply chain

Cloudsmith raises a $72M Series C led by TCV and Insight Partners to govern and secure the AI-generated software supply chain.

AI Agents Just Got Employee Badges: Developer Launches First Work Platform Where Agents Are Full Users

In a structural departure from AI assistant add-ons, new agent architecture gives AI peers the same roles, permissions, ...