CPO Magazine

Axios Supply Chain Attack Hits OpenAI: Users Urged to Update macOS Certificates

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...
TechJuice

GlassWorm Escapes JavaScript Sandbox to Silently Spread Across Developer Tools

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

Seal Security Launches Mythos Readiness Program to Close the "Silent Patch Gap" Between Fix Commits and CVE Advisories

Seal Security today announced the Mythos Readiness Program, a limited-availability initiative for enterprises that are not part of Anthropic's private Project Glasswing review of Claude Mythos Preview ...
SecurityWeek

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.

OpenAI Confirms Security Incident—Mac Users Must Update All Apps Now

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...

Fake Linux leader using Slack to con devs into giving up their secrets

An unknown malware slinger targeting open source software developers via Slack impersonated a real Linux Foundation official ...
XDA Developers on MSN

Claude Code's leaked source code revealed some features Anthropic wasn't ready to share yet

Oops. A 60MB source map file just leaked Anthropic's entire roadmap.
DMR News

Harper Launches 5.0: Fully Open-Source Runtime for Building and Deploying Cost-Efficient Agents

Harper, the unified runtime for agentic engineering, today announced the release of Harper 5.0. The release makes the ...

How to Use Google Chrome’s New AI-Powered ‘Skills’

The premade Skills available through the Gemini sidebar in Chrome include ways to maximize protein in recipes or summarize ...