10 trillion downloads are crushing open-source repositories - here's what they're doing about it

Companies are treating these repositories like content delivery networks - now the Linux Foundation and colleagues are saying ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

Trellix confirms data breach after hack of a portion of its source code

Key details are still missing, but Trellix says it found no evidence of source code release or distribution process being affected.
The Hacker News

Trellix Confirms Source Code Breach With Unauthorized Repository Access

Trellix reports source code breach with partial repository access, no exploitation found, raising security concerns.
SecurityWeek

Trellix Source Code Repository Breached

Trellix says a part of its source code repository was recently breached, but shared little other information about the ...
News.az

Trellix discloses unauthorized access to source code repository

The company, formed from the merger of McAfee Enterprise and FireEye, stated that upon identifying the breach, it immediately ...