YubiKey Manager: Security vulnerability allows execution of injected code

Yubico warns of a search path vulnerability in YubiKey Manager, libfido2 and python-fido2. Updates fix the bugs.
diginomica

Cloudsmith warns - most teams won't meet the EU Cyber Resilience Act's software supply ...

Most organizations can see their software security risks. Far fewer can act on them fast enough to matter – and with the EU ...
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...
Analytics Insight

R Resurgence in 2026: Is Python Losing Its Data Science Edge?

R is regaining attention in 2026, especially in statistics-heavy and research-focused data science work.Python still leads in ...
Arabian Post

PyPI proxy trap siphons AI prompts

A Python package presented as a privacy-first shortcut to AI models has been unmasked as a supply-chain threat that quietly captures user prompts, leans on a private university service without ...
Windows Report

Gemma 4 Gets Day 0 Support on AMD GPUs and AI CPUs

AMD adds Day 0 support for Google Gemma 4 across Radeon, Instinct, and Ryzen AI, enabling full-stack AI deployment.

Anthropic leaks source code for Claude Code again: Here's what happened

Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

Major compromise of the telnyx PyPI library could put millions of users at risk

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that deployed infostealer and persistence mechanisms Users advised to downgrade, ...
SecurityWeek

Telnyx Targeted in Growing TeamPCP Supply Chain Attack

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.