Stay updated on recent software supply chain attacks and learn how new vulnerability tracking metrics change your team ...
Managed Authorisation extension to stable status, adding a centralised way for organisations to control access to MCP servers ...
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
VS Code 1.127 enhances agent session management, introduces per-site browser permissions, and makes browser tools for agents ...
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
Spanning the hidden Polish design pioneers of modern history, to the next generation of visual innovators, we report back from our visit to this expansive event dedicated to the humble but mighty ...