Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

Overview NumPy and Pandas form the core of data science workflows. Matplotlib and Seaborn allow users to turn raw data into ...

How AI has suddenly become much more useful to open-source developers ...

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...

Python has made using Microsoft Excel much easier than it has ever been, and it isn't very hard to start using it yourself.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...