ActiveState, a global leader in open source language solutions and secure software supply chain management, today announced it has grown its catalog of secure open source components to 79 million, ...

The developers behind a popular “open source MMO RTS sandbox game for programming enthusiasts” on Steam, named Screeps: World, have been forced to update their game “in order to protect both players” ...

CAMBRIDGE, Mass., Jan. 27, 2026 (GLOBE NEWSWIRE) -- ReversingLabs (RL), the trusted name in file and software security, today released its fourth annual Software Supply Chain Security Report. The 2026 ...

It could cause you a lot of problems.

Peter Steinberger's open-source AI agent OpenClaw hit 180,000 GitHub stars and spawned MoltBook chaos. Now Meta and OpenAI ...

Security researchers have warned that the open source ecosystem has become a “structural risk,” after revealing another surge in malicious packages last year. Sonatype said in its 2026 State of the ...

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. The security issue is ...

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...

While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access.

Matcha Meta urged users to revoke one-time approvals for SwapNet’s router contract after a smart-contract vulnerability saw around $13.3 million stolen on the Base blockchain. Update, Jan. 27, 9:15 am ...

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ‘the JavaScript ecosystem deserves better.’ Javascript developers should ...