Several of this week’s top stories touch on the pitfalls of open source development, especially when things like power, money, and ego are involved. Also, a look at Python’s nifty new sampling ...

After the supply chain attack on LiteLLM, attackers were able to access internal Cisco data, it is said. Source code from ...

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack "software horror"—and the details are genuinely alarming. A compromised version of LiteLLM ...

A day after the source code of Anthropic Claude Code – its popular AI coding assistant – leaked online, the company quickly raced to file copyright takedown requests with GitHub, successfully pulling ...

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

The open-source project maps directly to OWASP’s top 10 agentic AI threats, aiming to curb issues like prompt injection, ...

Yesterday’s surprise leak of the source code for Anthropic’s Claude Code revealed a lot about the vibe-coding scaffolding the company has built around its proprietary Claude model. But observers ...

Getting into software engineering can seem like a lot, right? There are so many things to figure out, like what languages to ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...