JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

Why write SQL queries when you can get an LLM to write the code for you? Query NFL data using querychat, a new chatbot ...

Databot is an experimental alternative to querychat that works with R or Python. And it’s now available as an add-on for the ...

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

Security researchers found malware packages using the Ethereum blockchain to conceal malicious commands on GitHub repos.

Popular npm packages debug, chalk, and others hijacked in massive supply chain attack Crims have added backdoors to at least ...

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.

ReversingLabs reveals hackers using Ethereum Smart contracts in NPM packages to conceal malware URLs, bypass scans, and ...

Malware targeting Ethereum smart contracts is not entirely new. Earlier this year, the North Korean-affiliated Lazarus Group ...

Raghava Chellu receives the Global Leadership Award at ICCCNet-2025, Manchester, for his AI-driven innovations in secure file ...