ActiveState Unifies 79M Components to Launch World's Largest Secure Open Source Catalog

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...
InfoWorld

Beyond NPM: What you need to know about JSR

NPM, the Node Package Manager, hosts millions of packages and serves billions of downloads annually. It has served well over the years but has its shortcomings, including with TypeScript build ...
Ars Technica

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, ...
The Hacker News

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

Google and iVerify reveal government-grade iPhone exploit kit spreading to hackers

Google and iVerify have shared details about Coruna, an exploit kit that chains multiple vulnerabilities to target iPhones ...

Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted ...
CSO Online

AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning

CyberStrikeAI lowers the barrier to complex cyberattacks by combining AI orchestration, MCP integration, and more than 100 ...

The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web

OpenClaw has sparked heavy Telegram and dark web chatter, but Flare's data shows more research hype than mass exploitation. Flare explains how its telemetry found real supply-chain risk in the skills ...
CoinTelegraph

Moonwell hit by $1.78M exploit as AI vibe coding debate reaches DeFi

The exploit saw the Moonwell protocol exploited for $1.78 million after cbETH was mispriced at $1.12 instead of about $2,200, intensifying debate around AI-co-authored smart contracts. Moonwell, a ...
Engadget

X's 'open source' algorithm isn't a win for transparency, researchers say

The X logo appears on a smartphone screen. (Photo by Nikolas Kokovlis/NurPhoto via Getty Images) (NurPhoto via Getty Images) When X's engineering team published the code that powers the platform's ...
Nature

Open-source AI tool beats giant LLMs in literature reviews — and gets citations right

Researchers have published the recipe for an artificial-intelligence model that reviews the scientific literature better than some major large language models (LLMs) are able to, and gets the ...