The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
InfoWorld

16 open source projects transforming AI and machine learning

From fine-tuning open source models to building agentic frameworks on top of them, the open source world is ripe with ...

The Open-Source Trust Reset

Enterprises need to practice governance of open-source software to regain control of their software supply chains.
InfoQ

Cedar Joins CNCF as a Sandbox Project

Cedar, an open-source policy language architected by AWS, has joined the CNCF as a Sandbox project. Designed for fine-grained ...

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...
Security Boulevard

Cryptographically Agile Transport Security for AI Infrastructure

Discover how to secure AI infrastructure with post-quantum cryptography and agile transport security for Model Context Protocol (MCP) deployments.