InfoWorld

First look: Mojo 1.0 mixes Python and Rust

Milestone Mojo release reveals a systems programming language with precise control over memory, strong types, GPU programming ...
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
InfoWorld

IBM and Red Hat want to become the ‘security clearinghouse’ for open source applications in the enterprise

The $5 billion Project Lightwell initiative combines AI systems with 20,000 engineers to deliver validated fixes directly ...
The Hacker News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

BlueRock Open Sources MCP Python Hooks for Real-Time MCP Server Visibility

BlueRock today announced the open source release of BlueRock MCP Python Hooks, a lightweight runtime observability tool for Python. It captures MCP server activity by inspecting the protocol, ...

GitHub investigating cyberattack linked to malicious VS Code extension and leaked internal repositories

GitHub is investigating a cyberattack linked to a malicious VS Code extension after hackers allegedly accessed thousands of ...

Coordinated operation takes down Glassworm botnet

The Glassworm botnet, a global operation targeting software developers through the open-source supply chain, was disrupted ...

Error in Docker Model Runner allows sandbox escape on macOS

A security update closes a malicious code vulnerability in Docker for macOS. If attackers successfully exploit a security ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

The engineer who helped build top South African technology companies, including Superbalist, MasterStart, and Yoco

Matthew Goslett’s storied career began with IRC, dial-up Internet, and a fascination with how messages travelled between ...

Linus Torvalds is fed up with AI-generated bug reports bloating the Linux kernel

In his weekly state of the kernel update, Torvalds noted that the new RC5 is much larger than any other RC5 in recent memory, and he ...