Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

Overview NumPy and Pandas form the core of data science workflows. Matplotlib and Seaborn allow users to turn raw data into clear and simple charts, making it e ...

How AI has suddenly become much more useful to open-source developers ...

Meta pauses Mercor partnership after a major data breach raises concerns over exposure of sensitive AI training data.

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...

The PyTorch Foundation also welcomed Safetensors as a PyTorch Foundation-hosted project. Developed and maintained by Hugging ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...