The pandas team has released pandas 3.0.0, a major update that changes core behaviors around string handling, memory ...
Astrix Security, the leader in AI agent security, today announced the general availability of OpenClaw Scanner, a ...
Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.
Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
The latest enhancements to our platform empower organizations to stop third-party risk from ever entering their software code, providing them with a prevention-first approach.” Package Firewall, ...
Open source malware surged 73% in 2025, with npm as a key target and rising risks across software supply chains and developer environments.
A report from ReversingLabs reveals a massive 73% increase in malicious open-source packages in 2025, with over 10,000 ...
The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials. Accessible at pypi.org, PyPI is the default ...
I noticed some time ago that the releases of datafusion-python and the core/rust project are no longer in sync. The PyPI version is at v48.0.0, while the Rust/crates version is at v49.0.1. Is this a planned ...
The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...