Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
Jul 10, 2025Ravie LakshmananVulnerability / AI Security Cybersecurity researchers have discovered a…
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms
Jul 03, 2025Ravie LakshmananThreat Intelligence / Vulnerability The French cybersecurity agency on…
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
Jun 26, 2025Ravie LakshmananOpen Source / Vulnerability Cybersecurity researchers have disclosed a…
Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
As many as 60 malicious npm packages have been discovered in the…
Open Source Web Application Firewall with Zero-Day Detection and Bot Protection
From zero-day exploits to large-scale bot attacks — the demand for a…
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads
May 13, 2025Ravie LakshmananSupply Chain Attack / Blockchain Cybersecurity researchers have discovered…
Anaconda Launches First Unified AI Platform for Open Source, Redefining Enterprise-Grade AI Development
In a landmark announcement for the open-source AI community, Anaconda Inc., a…
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
May 07, 2025Ravie LakshmananSoftware Supply Chain / Malware Cybersecurity researchers have discovered…
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
May 06, 2025Ravie LakshmananCybersecurity / Vulnerability A recently disclosed critical security flaw…