On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Explore Homebrew Statistics to uncover key usage trends, installs, and growth insights that help developers make smarter ...

I’ve tried to make Linux my daily OS, but I keep coming back to Windows. Here’s what still pulls me back, even when Linux ...

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

Espressif Systems released the ESP-IDF v6.0 framework a few days ago with stable support for ESP32-C5 and ESP32-C61 SoCs, as ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

DietPi, the Raspberry Pi OS alternative, now has Immich as an optional package.

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were ...

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

The GlassWorm malware made news when it pivoted from exclusively targeting Windows users to also targeting Mac OS users in January, and in the time since, the malware campaign has spread across at ...

As container security matures, many sophisticated organizations are moving beyond off-the-shelf images to continuously rebuilt, maintained underlying packages. These teams often require granular ...