Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Chainguard is expanding Repository with new policy controls, malware and greyware scanning, and support for Java, Python, and container artifacts-helping organizations govern software consumption ...

Every Python developer knows some or all of these libraries, because they’re stable, reliable, and excellent at what they do.

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Vienna, Austria, June 25, 2026 -- digna, the European data quality and observability platform, today announced the release of ...

Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...

CData Software is launching three products for developers building AI applications on enterprise data: Connect AI Developer Edition (free), the CData Connect AI Python SDK (open source), and CData CLI ...

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Check out Python’s powerful new linters and profiling tools, and learn how virtual environments can save you time and trouble ...

Spread the love“`html As Python has surged in popularity among developers and data scientists, so has the importance of managing packages efficiently. At the heart of this management lies pip, the ...