Socket raises $60M to expand AI-driven software supply chain security and protect developers from cyber threats worldwide.

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

Hashimoto is talking about this complete rewrite of Bun (a Javascript/Typescript toolkit that’s owned by Anthropic and includes “a fast JavaScript runtime designed as a drop-in replacement for Node.js ...

Hashimoto is talking about this complete rewrite of Bun (a Javascript/Typescript toolkit that’s owned by Anthropic and includes “a fast JavaScript runtime designed as a drop-in replacement for Node.js ...

The AI governance gap is real - and it's coming at a high cost to enterprise organizations. The JFrog 2026 Software Supply ...

Socket is scaling to defend open source against supply chain attacks as AI accelerates software development. SAN ...

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...

Despite the advent of AI coding tools that allow developers to pump out products faster, some Houston-area companies have ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a ...

Every time a professional opens LinkedIn in a Chrome-based browser today, hidden JavaScript silently probes their device for ...

A poisoned open-source dependency let attackers breach two OpenAI employee devices and steal credentials from a limited set of its internal source code repositories, OpenAI confirmed in a May 14, 2026 ...