Supply chain attacks feel like they're becoming more and more common.

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

According to Google researchers, a North Korean group tracked as UNC1069 has previously targeted cryptocurrency and ...

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Soroosh Khodami discusses why we aren't ready ...

Apple Intelligence brings generative AI to iPhone, iPad, and Mac. Learn how it works, key features, supported devices, and ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...