A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

As adoption of MCP servers accelerates into the tens of thousands, developers and platform teams are increasingly responsible ...

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

With Flash GA, the company is attempting to transition from being a provider of raw compute to becoming the essential orchestration layer for the AI-first cloud.

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...

The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...

BlueRock today announced the open source release of BlueRock MCP Python Hooks, a lightweight runtime observability tool for Python. It captures MCP server activity by inspecting the protocol, ...

10 trillion downloads are crushing open-source repositories - here's what they're doing about it ...

GitHub is investigating an alleged breach after TeamPCP claimed access to nearly 4,000 private repositories, though no impact ...

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...