Another npm supply chain worm is tearing through dev environments

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...
eWeek

OpenAI Debuts GPT-5.4-Cyber, a Locked-Down AI Model for Cyber Defense

OpenAI launches GPT-5.4-Cyber with selective access for verified defenders, adding a cyber-focused model and tighter controls ...
American Banker

Unpatched AI flaw poses risk to banking sector

An unpatched vulnerability in Anthropic's Model Context Protocol creates a channel for attackers, forcing banks to manage the ...
eWeek

NSA Reportedly Uses Anthropic’s Mythos AI Despite ‘Supply Chain Risk’ Designation

The NSA is reportedly using Anthropic’s Claude Mythos Preview despite the Pentagon’s supply chain risk label and the ...

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.
Dark Reading

Coast Guard's New Cybersecurity Rules Offer Lessons for CISOs

The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, ...
Dark Reading

Industrial Controllers Still Vulnerable As Conflicts Move to Cyber

The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices.
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...
diginomica

Cloudsmith warns - most teams won't meet the EU Cyber Resilience Act's software supply chain deadline

Most organizations can see their software security risks. Far fewer can act on them fast enough to matter – and with the EU ...
News On 6

Students explore cybersecurity careers at BSides Oklahoma Student Day

Hundreds of Oklahoma high school students are getting an early look at careers in cybersecurity through hands-on experiences ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...