The GitHub MCP Server connects AI tools directly to GitHub's platform. This gives AI agents, assistants, and chatbots the ability to read repositories and code files, manage issues and PRs, analyze ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

As organizations disclose breaches tied to TeamPCP's supply chain attacks, ShinyHunters and Lapsus$ are creating a murky ...

In order to spread Vidar information-stealing malware, threat actors are taking advantage of the recent Claude Code source ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

Claude Code leak is now used to spread malware via fake GitHub repos, delivering infostealers and backdoor tools.

This is GlassWorm: a software supply chain attack that security researchers are calling one of the most sophisticated and ...

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

A series of malicious LNK files targeting users in South Korea has been detected using a multi-stage attack chain that uses ...

Anthropic's AI coding assistant's source code leaked, prompting swift copyright takedowns on GitHub. However, one engineer ...

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and ...