An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Infrastructure as Code (IaC) and Kubernetes automation are converging with AI, hybrid cloud, and cost governance to transform how teams manage infrastructure. Moving beyond static YAML toward ...

Google launches AI agent suite at Cloud Next 2026 with Workspace Studio, A2A protocol at 150 orgs, and Project Mariner. The pitch: only Google owns the full stack.

Running a decade-old OS is a ticking time bomb for your data security. With standard ESM over, you're forced to choose ...

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

This was not a case of stolen credentials, but rather of vulnerability exploitation.

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

Tencent Cloud's Cube Sandbox goes fully open source with five technical breakthroughs, providing a production-grade foundation for AI Agent deployment at industrial scale.

Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...

OpenClaw has become one of the fastest-growing open-source AI projects in recent memory—134,000+ GitHub stars and 500 million ...