JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

On the night of September 9, Tencent released and open-sourced the latest image model 'Hunyuan Image 2.1'. This model boasts industry-leading capabilities and supports native 2K high-definition images ...

ERNIE-4.5-21B-A3B-Thinking is available now on Hugging Face under an enterprise-friendly Apache 2.0 license — allowing for commercial usage — and is specifically optimized for advanced reasoning, tool ...

Bad actors are using GitHub's repository structure and paid Google Ads placements to trick EU IT users into downloading a unique malware dubbed "GPUGate" that includes new hardware-specific evasion ...

Threat actors are exploiting exposed Docker APIs to deploy malware and cryptocurrency miners and potentially create a new botnet.

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

The malware tricks IT personnel into downloading malicious GitHub Desktop installers with GPU-gated decryption targeting ...

As developers lean on Copilot and GhostWriter, experts warn of insecure defaults, hallucinated dependencies, and attacks that ...

According to the latest data from the open-source community, the enterprise-level AI Agent platform MaxKB has garnered widespread attention on GitHub, with its Star count reaching thousands and total ...

Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account ...