Exclusive: Chainguard extends Repository scanning and policies to Java, Python and containers

Secure software supply chain solution provider Chainguard Inc. today expanded its Chainguard Repository product with malware ...
Opinion
Database Trends and ApplicationsOpinion

CData Delivers Free Access to Governed Enterprise Data with Connect AI Developer Edition, Python SDK, and CLI

CData Software is launching three products for developers building AI applications on enterprise data: Connect AI Developer Edition (free), the CData Connect AI Python SDK (open source), and CData CLI ...
cryptopolitan

Microsoft, Google patch flaws as Cordyceps spread across open-source repositories

Security researchers at Novee found over 300 exploitable CI/CD workflow chains across repositories belonging to Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The flaws ...

Researchers claim Microsoft's quantum breakthrough is flawed by basic Python errors

Microsoft's 2029 quantum supercomputer ambitions may have hit a roadblock, as critics claim the company's 2025 quantum ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...

CData targets AI developers with governed data access tools

CData CLI, is a command-line tool that enables developers to build and test integrations using CData’s connectors. The company says the tool is optimized for AI-assisted development environments while ...
InfoWorld

OpenAI rolls out AI-led push to fix open-source software flaws

Patch the Planet’ pairs automated analysis with expert review to uncover and remediate vulnerabilities in core infrastructure ...
Dark Reading

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...
Ars Technica

OpenAI is acquiring open source Python tool-maker Astral

OpenAI announced Thursday that it has entered into an agreement to acquire Astral, the company behind popular open source Python development tools such as uv, Ruff, and ty, and integrate the company ...
theregister

Anthropic finds $1.5 million to help Python Foundation improve security

The Python Software Foundation (PSF) has an extra $1.5 million heading its way, after AI upstart Anthropic entered into a partnership aimed at improving security in the Python ecosystem. “This ...
Bleeping Computer

Python rejects $1.5M grant from U.S. govt. fearing ethical compromise

The Python Software Foundation (PSF) has withdrawn its $1.5 million grant proposal to the U.S. National Science Foundation (NSF) due to funding terms forcing a compromise on its commitment to ...