CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.

Ocean Network links idle GPUs with AI workloads through a decentralized compute market and editor-based orchestration tools.

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, worm-like malware across dozens of packages, security firms say. Named CanisterWorm ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

New Opentrons AI capability lets scientists simulate and visually inspect automated laboratory experiments before robots execute them.

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...

OpenAI to acquire Astral, bringing Python tools like uv, Ruff, and ty into Codex as it moves from code generation to executing full developer workflows.

Nvidia unveiled its open-source Agent Toolkit at GTC 2026, adding OpenShell, AI-Q, and major partners including Adobe, SAP, ...

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.

The new capability lets scientists simulate and visually inspect automated experiments before robots run them.

QR codes are widely used in entry and exit systems for various events to monitor the number of participants and ensure that ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.