Endor Labs launches AURI, a free security platform that embeds directly into AI coding assistants like Cursor and Claude to catch vulnerabilities in AI-generated code before they ship to production.

Whether it is a 0.8B model running on a smartphone or a 9B model powering a coding terminal, the Qwen3.5 series is ...

Check Point research found three critical flaws in Anthropic's Claude Code that allow attackers to execute arbitrary commands ...

Two tools that have recently landed, taken together, define what the next phase of AI agent competition looks like. On5, Anthropic released Remote Control for Claude Code — a feature that lets ...

Linux kernel maintainers propose a less painful process for identifying developers. See how it can make Linux code safer than ever.

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...

BURLINGTON, Mass., Feb. 25, 2026 /PRNewswire/ -- Black Duck ® , the leader in AI-powered application security, today released the 2026 Open Source Security and Risk Analysis (OSSRA) report, revealing ...

China IC design firm Rockchip is facing an open-source licensing dispute after GitHub reportedly froze code repositories linked to its projects, drawing attention across the semiconductor and software ...

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Open source doesn’t guarantee responsible AI. But it increasingly makes responsible evaluation possible for smaller organizations.

Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded ...