OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a ...

OpenAI confirmed on Wednesday that it found no evidence suggesting user data was compromised following a security incident ...

A critical vulnerability in the Cline Kanban server has been disclosed that allows any website a developer visits to silently ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. As of writing, ...

Microsoft open-sourced 86-DOS 1.00 source code on GitHub for its 45th anniversary, according to PCWorld, including kernel and PC-DOS development snapshots. This historically significant software, ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...

The paranoia of larger corporations controls on use of external software is starting to look justified. Developers of all sizes would be wise to take a far more critical look at whether, when, and how ...

The Bitwarden command-line interface (CLI) NPM package was compromised in a supply chain attack that appears tied to previous campaigns against the open source software (OSS) ecosystem. One of the ...

Chinese companies have embraced making their most advanced artificial intelligence models available to all. The Chinese start-up DeepSeek shook the industry in January 2025 with its claim that it had ...