Cursor, the popular AI coding assistant platform, has tapped a new security partner to reduce the risk that developers pull ...

Lovable's API exposed source code and database credentials for 48 days after the company closed a bug report. Up to 62% of AI ...

If combating attacks and hijackings of legitimate software on open source registries like npm weren’t challenging enough, app makers are increasingly experiencing the consequences of software ...

A pair of security vulnerabilities discovered in the GitHub environments of two very popular open source projects from Apache and Google could be used to stealthily modify project source code, steal ...

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a high-agency, reliable, and commercially viable AI agent.

Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...

Open source project Moq (pronounced "Mock") has drawn sharp criticism for quietly including a controversial dependency in its latest release. Distributed on the NuGet software registry, Moq sees over ...

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source ...

Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted It’s not much of an exaggeration to say that ...

More than half (52%) of critical open source projects contain code written in a memory-unsafe language, according to a new analysis by the Cybersecurity and Infrastructure Security Agency (CISA) in ...

Maven is a popular open source build tool for enterprise Java projects, designed to take much of the hard work out of the build process. Maven uses a declarative approach, where the project structure ...