Sonatype Releases Q1 2026 Open Source Malware Index: Trust Abuse Most Successful Attack Vector

Sonatype®, the leader in AI-driven DevSecOps, today unveiled the Q1 2026 Open Source Malware Index, identifying 21,764 malicious open source packages in the first quarter of the year and bringing the ...
ZAWYA

Cloudflare expands its Agent Cloud to power the next generation of agents

As the way software is built fundamentally changes, Cloudflare introduces the infrastructure to power millions of autonomous, ...
MarketersMEDIA Newsroom

Harper Launches 5.0: Fully Open-Source Runtime for Building and Deploying Cost-Efficient Agents

Harper 5.0 launches with an open-source core, RocksDB support, and a unified runtime for AI agents—cutting latency and ...
Opinion

Claude Code cache chaos creates quota complaints

Anthropic last month reduced the TTL (time to live) for the Claude Code prompt cache from one hour to five minutes for many requests, but said this should not increase costs despite users reporting ...

OpenAI flags third-party data issue — all macOS users should update now

OpenAI rotated macOS code‑signing certificate after Axios supply chain breach Malicious Axios 1.14.1 pulled into app‑signing ...
XDA Developers on MSN

Claude Code's leaked source code revealed some features Anthropic wasn't ready to share yet

Oops. A 60MB source map file just leaked Anthropic's entire roadmap.
Morning Overview on MSN

Hackers hide credit-card skimmer code inside 1×1-pixel SVG images

A credit card skimmer campaign discovered in early 2025 and still actively tracked as of April 2026 has compromised an ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
Cyber Daily

Anthropic, partners announce Project Glasswing cyber security initiative

Amazon, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks all sign on ...

Top open source AI platform Flowise hit by maximum-level security issue

Flowise AI platform carried CVSS-10 arbitrary code flaw Vulnerability in CustomMCP node exploited in the wild Up to 15,000 ...
Enterprise Times

Security and AI news from the week beginning 30 March 2026

Anthropic and OpenAI just can't stay out of the news, which must be fun for their PR teams. This week, Anthropic accidentally ...