GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS ...

Two developer workstations inside OpenAI installed compromised versions of the popular open-source TanStack library after an ...

OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and ...

OpenAI confirms a severe 2026 supply chain attack compromised internal repositories. Discover how this TanStack security ...

In late May 2026, reports emerged that attackers breached Grafana Labs’ systems by exploiting a newly disclosed vulnerability ...

Hundreds of software packages are affected, once again threatening enterprise credentials on coders’ machines.

Plus: Instructure’s Canvas ransomware debacle comes to a close, an alleged dark net market kingpin gets arrested, OpenAI workers fall victim to a supply chain attack, and more.

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

Mini Shai-Hulud npm campaign compromises @antv packages, targeting blockchain developers' GitHub tokens, AWS keys, and CI/CD secrets in a coordinated supply chain attack.

A poisoned open-source dependency let attackers breach two OpenAI employee devices and steal credentials from a limited set of its internal source code repositories, OpenAI confirmed in a May 14, 2026 ...

Picking a JavaScript framework in 2026 is not the casual decision it was a decade ago. The framework you choose today will ...