News

Supply-chain attacks on open source software are getting out of hand
It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with ...
Hacker Exposes Amazon Q Security Flaws Using Covert Code
A hacker recently injected code into Amazon Q in order to warn users of the platform’s potential security flaws. But the ...
Hacker adds potentially catastrophic prompt to Amazon's AI coding service to prove a point
A hacker successfully added a potentially destructive prompt to the AI writer’s GitHub repository, instructing it to wipe a ...
Code syntax error prevented hacked AWS AI dev extension from running
AWS has published further details of an incident involving one of its artificial intelligence development tools, which saw an ...
Hosted on MSN5mon
Open-source code repository says ‘far-right forces’ are behind ...
The open-source code repository Codeberg has blamed the far right for a recent campaign of abuse and harassment across its systems. “Projects advocating tolerance and equal rights” were ...
Ars Technica1y
PyPI halted new users and projects while it fended off supply-chain ...
PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads that executed malicious code on any ...
The Globe and Mail4y
Microsoft says its source code was accessed in SolarWinds hack
It is not clear how much or what parts of Microsoft’s source code repositories the hackers were able to access, but the disclosure suggests that the hackers who used software company SolarWinds ...