ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...
Techzine Europe

Misuse of VS Code tasks poses risk to developers

Security researchers are increasingly citing Visual Studio Code as part of supply chain attacks on developers. Researchers at Jamf recently identified ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

Kilo launches AI-powered Slack bot that ships code from a chat message

Kilo Code, an open-source AI coding startup backed by GitLab cofounder Sid Sijbrandij, launched Kilo for Slack to turn Slack ...
Putnam Daily Voice

New Map Shows Measles Risk Levels By ZIP Code: Check Here

A first-of-its-kind map now lets people check measles vaccination rates and risk levels for their local communities by ZIP code. The interactive tool, created by the ABC News data team, uses info from ...
IEEE

DeepCircuitX: A Comprehensive Repository-Level Dataset for RTL Code Understanding, Generation, and PPA Analysis

Abstract: This paper introduces DeepCircuitX, a comprehensive repository-level dataset designed to advance RTL (Register Transfer Level) code understanding, generation, and power-performance-area (PPA ...
InfoWorld

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified AWS. Within 48 hours, that hole was plugged, AWS said in a statement ...

Contagious Claude Code bug Anthropic ignored promptly spreads to Cowork

PromptArmor, a security firm specializing in the discovery of AI vulnerabilities, reported on Wednesday that Cowork can be ...

A simple CodeBuild flaw put every AWS environment at risk – and pwned 'the central nervous system of the cloud'

A critical misconfiguration in AWS's CodeBuild service allowed complete takeover of the cloud provider's own GitHub repositories and put every AWS environment in the world at risk, according to Wiz ...