Copycat hackers are competing to win $1,000 for the largest supply chain attack using Shai-Hulud, an open-sourced worm that has brought down a few major open-source projects. Malicious NPM packages ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a ...

OpenAI says malware tied to the Shai-Hulud supply chain attack accessed internal repositories after infecting two employee ...

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker ...

OpenAI confirmed on Wednesday that it found no evidence suggesting user data was compromised following a security incident ...

OpenAI launches Daybreak to compete with Anthropic's Claude Mythos AI model in finding and fixing vulnerabilities in record ...

In March 2026, someone hijacked a maintainer account for Axios, a JavaScript HTTP library downloaded more than 45 million ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Dive into The Register's online archive of incisive tech news reporting, features, and analysis dating back to 1998 ...

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. As of writing, ...

A major decentralized finance (DeFi) hack could prompt Wall Street firms to reassess the pace of their blockchain and tokenization efforts, a Jefferies analyst wrote in a report. The note follows a ...