Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...
Overview: NumPy and Pandas form the core of data science workflows. Matplotlib and Seaborn allow users to turn raw data into ...
How AI has suddenly become much more useful to open-source developers ...
A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...
Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
Python has made using Microsoft Excel much easier than it has ever been, and it isn't very hard to start using it yourself.
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...
OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...
Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to ...
AI recruiting startup Mercor confirms supply chain attack via LiteLLM library compromise. Hackers claim 4TB of data including ...