As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

In 2026, AI threats shift from data leaks to operational chaos. Shadow agents with high-privilege access risk enterprise ...

Business and enterprise users can now connect their own API keys to use LLMs via OpenRouter, Ollama, Google, OpenAI, and more ...

Hackers injected credential-stealing malware into the Bitwarden CLI tool via a supply chain attack on the NPM package, ...

OpenAI is rolling out GPT-5.5 in Codex, with a 400K context window and higher coding benchmark scores than GPT-5.4.

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

The AI-powered cat-and-mouse game on the crypto crime battlefield is not only about criminals using new tools to trick ...

The compromise of a version of Bitwarden's CLI is connected to the ongoing Checkmarx supply chain campaign, but differences in the operational methods of both incidents are making it difficult to ...

Cloudsmith Inc., a startup that helps software teams manage application components, has secured $72 million in new funding.

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.