Dark Reading

AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties

Discovery used to be the bottleneck for open source bugs, but with automated discovery, remediation's the bottleneck, which ...

TuxCare Expands Endless Lifecycle Support to Ruby 3.2, Node.js 20, and Django 4.2 Amid Critical End-of-Life Deadlines

New ELS offerings ensure continuous security patching and operational stability for widely used development frameworks ...
TMCnet

PyTorch Foundation Announces Safetensors as Newest Contributed Project to Secure AI Model Execution

Safetensors is welcomed into the PyTorch Foundation to secure model distribution and build trusted agentic solutions. PARIS, ...
Developer Tech

AI code scanners halt Internet Bug Bounty payouts

The Internet Bug Bounty program has paused new submissions, citing a massive expansion in vulnerability discovery by AI code ...

Axios npm hack used fake Teams error fix to hijack maintainer account

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Bleeping Computer

Fake Next.js job interview tests backdoor developer's devices

A coordinated campaign targeting software developers with job-themed lures is using malicious repositories posing as legitimate Next.js projects and technical assessment materials, including ...
GitHub

[BUG] Claude Code executes Node.js hooks on Python projects in multi-project workspace

Claude Code incorrectly executes npm/biome PostToolUse hooks on Python FastAPI projects that don't have a package.json file, causing "ENOENT" errors after every Edit ...