Bob van Luijt, Co-Founder and CEO of Weaviate—which he launched as an open-source vector search engine in March 2019—shared ...

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and data-stealing malware.

Update implements Jakarta EE 11 platform and brings support for Jakarta Data repositories and virtual threads.

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

According to Moderne, this extends OpenRewrite coverage from backend and frontend application code into the data and AI layer ...

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.

When a Matplotlib volunteer declined its pull request, the bot published a personal attack. Sign of the times: An AI agent autonomously wrote and published a personalized attack article against an ...

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded ...

Multiple software vulnerabilities threaten systems with IBM App Connect Enterprise or WebSphere Service Registry and ...

dYdX has been targeted by bad actors using malicious packages to empty its user wallets.

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, ...

On SWE-Bench Verified, the model achieved a score of 70.6%. This performance is notably competitive when placed alongside significantly larger models; it outpaces DeepSeek-V3.2, which scores 70.2%, ...